Reliably identifying information of device generating digital signatures

ABSTRACT

Information of a device that generates digital signatures is reliably identified by (a) for each of a plurality of devices manufactured in an environment, (i) creating a public-private key pair within the environment, (ii) linking within the environment in a secure manner the public key with other information associated with the device, and (iii) before release of the device from the environment, storing the private key within the device for generating a digital signature for an electronic message, and (b) thereafter, when a said linked public key successfully authenticates a digitally signed message, identifying the other information associated with said linked public key as pertaining to the device to which belongs the private key utilized in digitally signing the message. Manufacturing the devices includes creating a public-private key pair within the secure environment, and storing the private key within the device against the possibility of divulgement thereof by the device.

CROSS REFERENCE TO RELATED APPLICATIONS

The present application is a continuation of and claims priority under35 U.S.C. § 120 to U.S. patent application Ser. No. 09/923,213 filedAug. 6, 2001, which is the nonprovisional of and claims priority under35 U.S.C. 119(e) to the benefit of the filing date of Wheeler et al.U.S. provisional patent application Ser. No. 60/223,076 filed on Aug. 4,2000, both of which are incorporated herein by reference. Thisapplication also incorporates herein by reference each of fourinternational patent applications and two U.S. patent application toAnne and Lynn Wheeler filed in the U.S. Patent & Trademark Office onAug. 6, 2001, and bearing serial No. PCT/US01/41587 (titled“Person-Centric Account-Based Digital Signature System”) and Ser. No.09/923,179 (titled “Account-Based Digital Signature (ABDS) System”);serial No. PCT/US01/41562 (titled “Entity Authentication in ElectronicCommunications by Providing Verification Status of Device”) and Ser. No.09/923,075 (titled “Modifying Message Data and Generating Random NumberDigital Signature Within Computer Chip”); serial No. PCT/US01/24572(titled “Linking Public Key of Device to Information DuringManufacture”); and serial No. PCT/US01/24563 (titled “TrustedAuthentication Digital Signature (TADS) System”).

BACKGROUND OF INVENTION

The present invention generally relates to electronic communicationsand, in particular, to devices that generate digital signaturesassociated with electronic communications.

As used herein, an electronic communication (“EC”) is considered to beany communication in electronic form. ECs have become an integral partof transacting business today, especially with the growth of theInternet and e-commerce. An EC can represent, for example, a request foraccess to information or a physical area, a financial transaction, suchas an instruction to a bank to transfer funds, or a legal action, suchas the delivery of an executed contract.

Over recent years, digital signatures also have become an important partof e-commerce. The origination of a digital signature generallycomprises: (1) the calculation of a message digest-such as a hash value;and (2) the subsequent encryption of the message digest. The messagedigest is encrypted by an electronic device generally using a privatekey of a key pair used in public-private key cryptography (also known asasymmetric cryptography). The resulting ciphertext itself usuallyconstitutes the digital signature, which typically is appended to themessage to form the EC. The second part of originating the digitalsignature-encrypting with a private key—is referred to herein as“generating” the digital signature, and the combination of the two stepsis referred to herein as “originating” the digital signature.Furthermore, while the generation of the digital signature isconventionally understood as the encryption of the message digest, it iscontemplated herein that generating the digital signature also mayinclude simply encrypting the message rather than the message digest.Digital signatures are important because any change whatsoever to themessage in an EC is detectable from an analysis of the message and thedigital signature. In this regard, the digital signature is used to“authenticate” a message contained within the EC (herein referred to as“Message Authentication”).

For example, a message digest may be calculated by applying a hashingalgorithm to the message. The hashing algorithm may be applied eitherwithin the device or external to the device with the resulting hashvalue then being transmitted to the device for generation of the digitalsignature. In order to perform the Message Authentication in thisexample, the recipient of the EC must know or be able to obtain both theidentity of the hashing algorithm applied to the message as well as thepublic key (“PuK”) corresponding to the private key used to encrypt themessage digest. With this knowledge, the recipient applies theappropriate hashing algorithm to the message to calculate a hash value,and the recipient decrypts the digital signature using the public key.If the hash value calculated by the recipient equals the hash value ofthe decrypted digital signature, then the recipient determines that thecontent of the message contained in the EC was not altered intransmission, which necessarily would have changed the hash value.

In performing Message Authentication, the recipient also authenticatesthe sender of the EC, in so much as the recipient thereby confirms thatthe sender of the EC possessed the private key corresponding to thepublic key used successfully to authenticate the message. This is onetype of entity authentication and is based on what the sender “has”(herein referred to as “Factor A Entity Authentication”). Factor AEntity Authentication is useful when the recipient of the EC has trustedinformation regarding the identity of the owner of the private key. Suchtrusted information may arise from a digital certificate issued by atrusted third-party that accompanies the EC and binds the identity ofthe private key owner with the public key. This trusted knowledge alsomay comprise actual knowledge of the identity of the private key owner,such as in the case where the recipient itself has issued the, privatekey or the device containing the private key to the owner.

As will be appreciated, trust in the digital signature system dependsupon the legitimate possession and use of the private key, i.e., uponthe sender of the EC actually being the private key owner. A fraudulentuse of a private key to generate a digital signature of an EC currentlycannot be detected through the above-described Message Authenticationand Factor A Entity Authentication procedures. The digital signaturesystem therefore is susceptible to fraud if a private key of a device isstolen, either by physical theft of the device containing the privatekey, or by discovery of the private key therein and subsequent copyingand use in another device capable of generating digital signatures.

To guard against fraudulent use of a device through theft of the deviceitself, a personal identification number (PIN), password, or passphrase(collectively referred to herein as “Secret”) is typically prestoredwithin the device and must be input into the device before it willoperate to generate digital signatures. Alternatively, the Secret isshared with the recipient beforehand and, when the EC later is sent tothe recipient, the Secret also is sent to the recipient in associationwith the message. In the first case, verification of the Secretauthenticates the user of the device (herein “User Authentication”), andin the second case, verification of the Secret authenticates the senderof the EC (herein “Sender Authentication”). In either case, confirmationof the Secret represents entity authentication based on what the user orsender “knows” (herein “Factor B Entity Authentication”). Anothersecurity feature that guards against fraudulent use of the devicethrough physical theft include the verification of a biometriccharacteristic—like a fingerprint—of the user of the device or sender ofthe EC. This type of authentication is based on what the user or sender“is” (herein “Factor C Entity Authentication”). As with the Secret, abiometric value is either maintained within the device for UserAuthentication, or is shared with the recipient beforehand for SenderAuthentication by the recipient. To guard against discovery of a privatekey and subsequent copying and use in another device, devices aremanufactured with electronic shielding, zeroization, auditing, tamperevidence and tamper response, and other security features that serve tosafeguard the private key (and other protected data) contained therein.

Such security features of devices include hardware, software, andfirmware, and are well known in the art of manufacturing secure computerchips and other devices having cryptographic modules. The requirementsof such security features are specified, for example, in FederalInformation Processing Standards Publication 140-1, SecurityRequirements for Cryptographic Modules, US DOC/NBS, Jan. 11, 1994(herein “FIPS PUB 140-1”), which is incorporated herein by reference andwhich is available for download athttp://csrc.nist.gov/publications/fips; and Federal InformationProcessing Standards Publication 140-2, Security Requirements forCryptographic Modules, US DOC/NBS, May 25, 2001 (herein “FIPS PUB140-2”), which is incorporated herein by reference and which isavailable for download at http://csrc.nist.gov/publications/fips. FIPSPUB 140-1 and 140-2 also define security levels that may be met by adevice based on the device's security features, with each of thesedefined security levels generally representing a various level ofdifficulty—in terms of time and money—that would be encountered inattempting to discern a private key of a device. Currently, foursecurity levels are defined with security level 4 being the highestlevel of security available.

Specifications for such security features also are set forth in TrustedComputing Platform Alliance Trusted Platform Module Protection ProfileVersion 0.45, TRUSTED COMPUTING PLATFORM ALLIANCE, September 2000;Trusted Platform Module (TPM) Security Policy Version 0.45, TRUSTEDCOMPUTING PLATFORM ALLIANCE, October 2000; and TCPA PC ImplementationsSpecification Version 0.95, TRUSTED COMPUTING PLATFORM ALLIANCE, Jul. 4,2001, which are incorporated herein by reference (collectively “TCPADocuments”), and which are available for download athttp://www.trustedpc.com; and Common Criteria for Information TechnologySecurity Evaluation, Smart Card Protection Profile, Draft Version 2.1d,SMART CARD SECURITY USER GROUP, Mar. 21, 2001, which is incorporatedherein by reference (hereinafter “Smart Card Protection Profile”), andwhich is available for download at http://csrc.nist.gov.

The particular features of a device that safeguard against discovery ofa private key and other protected data are referred to herein as“security characteristics” of the device. The particular features of adevice that safeguard against unauthorized use of the device byauthenticating the user are referred to herein as “authenticationcapabilities” of the device. The “security features” of a device(including a cryptographic module or TPM) comprise the securitycharacteristics and authentication capabilities as well as othersecurity features of the device, the requirements of which are specifiedin the above cited references.

Unfortunately, while the aforementioned security features generallyreduce the risk of fraud within the digital signature system overall, arecipient of any one particular EC including a digital signature may beunfamiliar with the device used to generate the digital signature and,therefore, be unable to gauge the risk of whether the digital signaturewas generated fraudulently, either through theft of the device ordiscovery of the private key.

Of course, if the recipient possesses a shared secret or a biometricvalue of the sender for performing Sender Authentication, then therecipient may determine that the digital signature was not fraudulentlygenerated assuming that the shared secret or biometric value was notstolen. However, this type of protection by the recipient hassignificant drawbacks and is not always used by the recipient. Forexample, if the Secret or biometric value is communicated to therecipient in association with a Platform Alliance Trusted PlatformModule Protection Profile Version 0.45, TRUSTED COMPUTING PLATFORMALLIANCE, September 2000; Trusted Platform Module (TPM) Security PolicyVersion 0.45, TRUSTED COMPUTING PLATFORM ALLIANCE, October 2000; andTCPA PC Implementations Specification Version 0.95, TRUSTED COMPUTINGPLATFORM ALLIANCE, Jul. 4, 2001, which are incorporated herein byreference (collectively “TCPA Documents”), and which are available fordownload at http://www.trustedpc.com; and Common Criteria forInformation Technology Security Evaluation, Smart Card ProtectionProfile, Draft Version 2.1 d, SMART CARD SECURITY USER GROUP, Mar. 21,2001, which is incorporated herein by reference (hereinafter “Smart CardProtection Profile”), and which is available for download athttp://csrc.nist.gov.

The particular features of a device that safeguard against discovery ofa private key and other protected data are referred to herein as“security characteristics” of the device. The particular features of adevice that safeguard against unauthorized use of the device byauthenticating the user are referred to herein as “authenticationcapabilities” of the device. The “security features” of a device(including a cryptographic module or TPM) comprise the securitycharacteristics and authentication capabilities as well as othersecurity features of the device, the requirements of which are specifiedin the above cited references.

Unfortunately, while the aforementioned security features generallyreduce the risk of fraud within the digital signature system overall, arecipient of any one particular EC including a digital signature may beunfamiliar with the device used to generate the digital signature and,therefore, be unable to gauge the risk of whether the digital signaturewas generated fraudulently, either through theft of the device ordiscovery of the private key.

Of course, if the recipient possesses a shared secret or a biometricvalue of the sender for performing Sender Authentication, then therecipient may determine that the digital signature was not fraudulentlygenerated assuming that the shared secret or biometric value was notstolen. However, this type of protection by the recipient hassignificant drawbacks and is not always used by the recipient. Forexample, if the Secret or biometric value is communicated to therecipient in association with a message for Sender Authentication by therecipient, then the Secret or biometric value first must have beenshared with the recipient beforehand and safeguarded by the recipient aspart of an established, preexisting relationship; consequently, arecipient having no prior existing relationship with the sender isunable to perform Sender Authentication.

Another drawback is that the sharing of the Secret or biometric valuewith the recipient exposes the recipient to liability and exposes theSecret or biometric value itself to a greater risk of theft anddissemination. The transmission of the Secret or biometric value forverification carries with it the risk of interception and discoveryduring transit. Upon receipt, the Secret or biometric value must besafeguarded by the recipient, which inherently gives rise to a risk oftheft from the recipient. This is especially significant in thecorporate context where a rogue employee may steal the safeguardedSecret or biometric value (insider fraud historically has been thegreatest threat). The potential damages also are extensive when theSecret or biometric value is stolen. Since it is difficult for anindividual to remember multiple Secrets for multiple recipients, it iscommon for the same Secret to be used with different recipients. Thetheft of the Secret from one recipient thereby compromises the SenderAuthentication performed by all of the recipients, at least until theSecret is changed for each recipient. In the case of the theft of abiometric value, the damages are even more severe, as a sender'sbiometric characteristic cannot be changed and, once lost, potentiallycompromises any future Sender Authentication therewith.

Accordingly, a recipient generally is unable to gauge the risk ofwhether a digital signature was generated fraudulently when no secret orbiometric value is shared between the sender and the recipient. Instead,a recipient must rely upon blind trust in accepting that the device usedto generate the digital signature has not been stolen and in acceptingthat the device used to generate the digital signature has sufficientsafeguards to protect its private key from discovery and use.

A need therefore exists for a method by which a recipient may reliablyidentify a risk of whether a digital signature has been generatedfraudulently using a stolen private key (whether stolen by physicaltheft of the device or discovery of the private key itself), whereby therecipient may protect itself against fraud. In this regard, a need alsoexists for a method by which a recipient of an EC including a digitalsignature may reliably determine at any given time the current level ofsecurity of the device to which belongs the private key used to generatethe digital signature. A need also exists for a method by which arecipient of an EC may reliably determine the safeguards of such devicethat protect against fraudulent use thereof.

SUMMARY OF INVENTION

The present invention generally comprises the linking in a reliablemanner of a public key of a device that generates digital signaturesusing asymmetric cryptography to other information regarding the devicewithin an environment in which the device is manufactured. As usedherein, the “other information” comprises at least one of securityfeatures and manufacturing history of the device, and preferablyincludes both security features and manufacturing history of the device(herein collectively referred to as “Security Profile”).

As used herein, the “authentication capabilities” of the device includethose components that perform either or both of Factors B and C EntityAuthentication with regard to authentication of the user of the device.Furthermore, the “manufacturing history” of the device preferablyincludes a recording of manufacturing attributes of the device, such asthe manufacturer of the device; all specifications applicable to thedevice; manufacture date of the device; location of manufacture; batchidentifier of the device; serial number or part number of the device;security of the manufacturing facility; physical instantiation of thedevice regarding layout and process geometry; software identificationand release date; operating parameters of the device, including voltageand frequency ranges; and identification of all enabled hardware andsoftware security features of the device. The manufacturing history ofthe device also preferably includes the cryptographic characteristics,key generation characteristics, and random number generatorcharacteristics of the device.

A. First Aspect of the Present Invention/Identifying PuK-LinkedInformation of Device Generating Digital Signatures

A first aspect of the present invention includes the linking of a publickey of a device with other information within the environment of itsmanufacture and then the later identifying of the other informationregarding the device after the release of the device from themanufacturing environment based upon its public key. By considering suchinformation later identified, a recipient is able to gauge a risk orlikelihood of whether a digital signature using the private keybelonging to the device was generated fraudulently.

In accordance with the preferred methods of the first aspect of thepresent invention, the device is manufactured in a secure environment(i.e., an environment having a sufficient security rating so as not tocompromise the security level of any device manufactured in suchenvironment). Furthermore, the information linked with the public key ofthe device comprises the Security Profile of the device. Accordingly,the recipient is able to determine a current security level of thedevice based on the identified security features of the device. Therecipient also is able to gauge a risk of whether the private key of thedevice was compromised based on the identified security characteristicsof the device, and the recipient is able to gauge a risk of whether thedevice containing the private key was fraudulently used based on theidentified authentication capabilities of the device. Finally, therecipient is able to evaluate the stated security features of the devicebased upon the identified manufacturing history of the device.

In preferred methods of the first aspect of the present invention,before a manufactured device is removed from the secure environment, apublic-private key pair is created within the device and the public keyis exported and linked to the Security Profile of the device within oneor more databases maintained within the secure environment (hereincollectively “secure database”). In particular, one of the keys—thepublic key—is recorded in the secure database by the device manufactureror other trustworthy entity (“Secure Entity”), and the other key—theprivate key—is preferably retained within the manufactured device andsafeguarded against discovery. The public key also is retained withinthe device and is exportable upon demand. The Security Profile of themanufactured device is recorded in the secure database, and the recordtherefor is indexed or mapped to the corresponding public key, therebyreliably linking together both the public key and Security Profile ofthe device. In this case, the unique identifier is stored within thedevice and is exportable upon demand. Moreover, since each public key isunique—at least to a high degree of probability—the mapping in thesecure database is one-to-one. Alternatively, the public key andSecurity Profile are indexed to a unique identifier of the device withinthe secure database, thereby reliably linking together the public keyand Security Profile of the device, whereby an assurance level of thedevice may be determined.

Subsequently, when an EC is received by a recipient that includes adigital signature generated by a suspect device and the message isauthenticated utilizing a suspect public key, the recipient identifiesthe Security Profile linked to the suspect public key as pertaining tothe actual manufactured device to which belongs the private key used togenerate the digital signature of the EC (herein “genuine device”).Then, whether the digital signature was generated fraudulently can begauged by the recipient based upon the known Security Profile for thegenuine device. Specifically, the risk of whether the private keyretained within the manufactured device has been compromised—and thuswhether the suspect device is the genuine device—can be gauged based onthe identified security characteristics of the genuine device, and therisk of whether the genuine device has been fraudulently used can begauged based on the identified authentication capabilities of thegenuine device. These evaluations also can be qualified based on theidentified manufacturing history of the device, as appropriate.

In alternative preferred methods of the first aspect of the presentinvention, a public-private key pair is created and the public key ofthe device is linked to the Security Profile of the device by combiningthe public key with the Security Profile into a record that then isdigitally signed by the Secure Entity. The record and digital signaturetogether form a “Security Certificate,” which also is imported into thedevice for safekeeping with the private key. The digital signing of therecord by the Secure Entity in the secure environment reliably links theSecurity Profile of the manufactured device and its public key.

Subsequently, when a digital signature is generated by the device forinclusion in an EC, the Security Certificate also is included in the EC.Upon receipt and successful authentication of the message using thesuspect public key set forth in the Security Certificate, the recipientauthenticates the Security Certificate in the EC utilizing a public keyof the Secure Entity. Upon successful authentication thereof, therecipient reliably identifies the Security Profile of the genuine deviceto which belongs the private key used in generating the digitalsignature of the EC. Then, whether the digital signature was generatedfraudulently can be gauged by the recipient based upon the knownSecurity Profile for the genuine device. Specifically, the risk ofwhether the private key retained within the manufactured device has beencompromised—and thus whether the suspect device is the genuinedevice—can be gauged based on the identified security characteristics ofthe genuine device, and the risk of whether the genuine device has beenfraudulently used can be gauged based on the identified authenticationcapabilities of the genuine device. These evaluations also can bequalified based on the identified manufacturing history of the device,as appropriate.

B. Second Aspect of the Present Invention/Establishing PuK-LinkedAccount Database

A second aspect of the present invention includes establishing aninitial PuK-linked account database. A method in accordance with thisaspect of the present invention includes manufacturing devices thatgenerate digital signatures and, for each manufactured device before itis released from the environment of its manufacture: creating a pair ofkeys used in asymmetric cryptography; storing one of the keys within themanufactured device for utilization in generating a digital signaturefor an electronic message; and recording the other key and otherinformation in a database maintained within the environment such thatthe information is linked with the key in the database. The manufactureddevices then are distributed to a plurality of users. The users to whichthe manufactured devices are distributed may comprise existing customersas well as potential customers of a third-party. Thereafter, thedatabase records of the distributed manufactured devices are identifiedto the third-party as the initial PuK-linked account database of theusers.

In accordance with the preferred methods of this aspect of the presentinvention, the information with which each key of a device is linkedcomprises the Security Profile of the respective device, and the devicesfor which the Security Profiles are identified are manufactured in asecure environment. The database also preferably comprises a securedatabase. Furthermore, the keys of each device preferably are generatedand are retained within the device, with the public key preferably beingexportable on demand.

In preferred methods of this aspect of the present invention, theidentifying of the database records includes communicating from thesecure environment in a secure manner the database records for thedistributed manufactured devices as the initial PuK-linked accountdatabase of the third-party. In this regard, the database records arecommunicated in a manner having a security rating greater than thesecurity level of any manufactured device to which the database recordspertain. Indeed, the security rating should be proportional to theaggregate risk presented by all of the individual devices to which thedatabase records pertain. Such a manner includes generating a digitalsignature for the database records and then communicating the databaserecords and digital signature to the third-party.

When the third-party receives the PuK-linked database as the initialPuK-linked account database of the users, it may be updated withspecific information of the users that is provided by each user. Inassociating information specific to a user with a record of the initialPuK-linked account database, Factor A Entity Authentication preferablyis used based on the user digitally signing a message with the privatekey of the manufactured device. Alternatively, the initial PuK-linkedaccount database may be merged with a preexisting account database ofthe users maintained by the third-party that contains user-specificinformation, or the initial PuK-linked account database may bemaintained separately from but indexed with such a preexisting accountdatabase of the users. In such case, the third-party preferablyauthenticates each user as being the correct user for the respectiverecords of the user in the account databases before such association ismade. Accordingly, Factor A Entity Authentication preferably is usedwith respect to the record of the user in the PuK-linked accountdatabase, and other entity authentication techniques are used forauthenticating the user with respect to the record in the accountdatabase. Such other techniques may include questioning the user aboutspecific-account information in the record or requiring the user toprovide a Secret, such as the maiden name of the mother of the user.

C. Third Aspect of the Present Invention/Establishing Initial PuK-LinkedAccount Database Record

A third aspect of the present invention includes establishing an initialPuK-linked account database record of a user with a plurality ofaccounts maintained by different third-parties. A method in accordancewith this aspect of the present invention includes manufacturing devicesthat generate digital signatures and, for each manufactured devicebefore it is released from the environment of its manufacture: creatinga pair of keys used in asymmetric cryptography; storing one of the keyswithin the manufactured device for utilization in generating a digitalsignature for an electronic message; and recording the other key andother information in a database maintained within the environment suchthat the information is linked with the key in the database. One of themanufactured devices then is distributed to the user. Thereafter, thedatabase record of the distributed device is identified to each of thethird-parties as being the initial PuK-linked account database record ofthe user. The user may be a customer or potential customer of eachthird-party.

In accordance with the preferred methods of this aspect of the presentinvention, the information with which the key of the device is linkedcomprises the Security Profile of the device, and the device ismanufactured in a secure environment. The database in which the key andSecurity Profile are linked also preferably comprises a secure database.Furthermore, the keys preferably are generated and are retained withinthe device, with the public key preferably being exportable on demand.

In preferred methods of this aspect of the present invention, theidentifying of the initial PuK-linked database record includescommunicating from the secure environment in a secure manner thedatabase record for the device of the user to a third-party at which anaccount of the user is or will be maintained. In this regard, thedatabase records are communicated in a manner having a security ratinggreater than the security level of the manufactured device to which thedatabase record pertains. Such a manner includes generating a digitalsignature for the database record by the Secure Entity and thencommunicating the database record and digital signature to thethird-party.

When the third-party receives the PuK-linked database record as theinitial PuK-linked account database record of the user, it may beupdated with specific information of the user as provided by the user.In associating user-specific information with the initial PuK-linkedaccount database record of the user, Factor A Entity Authenticationpreferably is used for the initial PuK-linked account database recordbased on the user digitally signing a message with the private key ofthe manufactured device. Alternatively, the initial PuK-linked accountdatabase record may be merged with a preexisting account database recordof the user maintained by the third-party that contains user-specificinformation, or the initial PuK-linked account database record may bemaintained separately from but indexed with such a preexisting accountdatabase record of the user. In such case, the third-party preferablyauthenticates the user as being the correct user for both accountrecords before such association. Accordingly, Factor A EntityAuthentication preferably is used in conjunction with other entityauthentication techniques for authenticating a user with respect to theaccount database record. Such other techniques may include questioningthe user about specific-account information in the record or requiringthe user to provide a Secret, such as the maiden name of the mother ofthe user.

D. Fourth Aspect of the Present Invention/Insuring EC for a TransactionBased on Identified PuK-Linked Information of Device Generating DigitalSignatures

Yet a fourth aspect of the present invention includes the insuring of atransaction based, at least in part, on the identified information of amanufactured device that generates digital signatures in accordance withthe first aspect of the present invention. In particular, a preferredmethod in accordance with the fourth aspect of the present inventionincludes the steps of manufacturing devices in a secure environment and,for each manufactured device before it is released from the secureenvironment: creating a pair of keys used in asymmetric cryptography;storing one of the keys within the manufactured device for utilizationin generating a digital signature for an electronic message; and linkingtogether in a secure manner the other key and the Security Profile ofthe manufactured device. The manufactured devices then are released fromthe secure environment.

Thereafter, an electronic communication representing the transaction issent with a digital signature generated with a suspect device. Theelectronic communication includes an electronic message and a digitalsignature generated for the electronic message utilizing the key storedin one of the manufactured devices. Upon receipt, the message isauthenticated using a public key. The Security Profile linked to thepublic key successfully authenticating the message then is identified asthe Security Profile of the genuine device to which belongs the privatekey used in generating the digital signature, and a monetary guaranteeis provided that the digital signature for the electronic message wasnot generated fraudulently. The monetary guarantee, i.e., the insurance,is provided in exchange for a premium that is based, at least in part,upon an evaluation of the identified security features of the genuinedevice and further may be based on an evaluation of the manufacturinghistory of the device. In this regard, the preferred method furtherincludes assigning a defined risk level to the EC based on theidentified Security Profile, with each defined risk level correspondingto a different premium rate that is charged for the provision of themonetary guarantee.

E. Fifth Aspect of the Present Invention/Gauging Whether EC on Accountis Fraudulent Based on PuK-Linked Information of Device GeneratingDigital Signatures

A fifth aspect of the present invention includes gauging a risk ofwhether an EC including a digitally signed message representing atransaction on an account is fraudulent based not only on informationlinked with the public key of a device used to generate the digitalsignature, but also on a transactional history of the account asrecorded by the recipient and, in particular, a history of transactionson the account that were digitally signed (herein “transactionalhistory”).

In a feature of this aspect of the present invention, a plurality ofmanufactured devices are distributed to or acquired by a user and thedatabase record for each distributed device is provided to the recipientand associated with the account of the user. Subsequently, for ECs fortransactions on the account that are received by the recipient and thatinclude digital signatures generated by one of the devices, therecipient records the particular details regarding each such transactionin the account. However, rather than generally associating thetransaction details with the overall account, the recipient associatesthe transaction details with the linked public key used to successfullyauthenticate the message of the EC. Accordingly, for each EC received,the recipient evaluates the potential for a fraudulent EC based not onlyon the information linked with the public key identified in accordancewith the first aspect of the present invention, but also on thetransactional history of digitals signatures authenticated using suchkey as recorded by the recipient. In yet an additional feature, theenvironment in which the digital signature of an EC is generated, ifsuch information is discernable from the EC or otherwise obtainable,also preferably is considered in gauging a risk of whether the EC isfraudulent. For instance, an I/O support element may also digitally signan EC, and information regarding the I/O support element linked to thepublic key of the I/O support element may be identified in accordancewith the first aspect of the present invention. Furthermore, in anotherfeature, the authentication techniques performed (if any) when a linkedpublic key was associated with the account of the user are recorded inthe account record and are considered in gauging a risk of whether aparticular EC is fraudulent.

F. Sixth Aspect of the Present Invention/Service for DisseminatingPuK-Linked Information of Device Generating Digital Signatures

In accordance with a sixth aspect of the present invention, an entity(herein “Central Key Authority”) maintains PuK-linked accountregistration information for a user (herein “Registration Information”).The Registration Information includes the public key and one or more ofthe following types of information relating to a particular device ofthe user that generates digital signatures: the identity ofthird-parties with which the user has PuK-linked accounts for thedevice; information linked with the public key of the device inaccordance with the first aspect of the present invention; user-specificinformation; and, if applicable, the authentication techniques that wereemployed in verifying the user-specific information maintained by theCentral Key Authority.

In accordance with this aspect of the present invention, the Central KeyAuthority disseminates some or all of the Registration information, asappropriate, to a third-party. Registration information is disseminatedwhen the user has an account with a third-party—or desire to establishan account with a third-party—and desires to send ECs with messagesrepresenting transactions on the account that are digitally signed usingthe device. The dissemination of the Registration information alsooccurs, for example, when Registration information with a third-partyhas become outdated for a particular account. Furthermore, thedissemination of the Registration information may be in accordance withthe third aspect of the present invention.

BRIEF DESCRIPTION OF DRAWINGS

Further features and benefits of these aspects of the present inventionwill be apparent from a detailed description of preferred embodimentsthereof taken in conjunction with the following drawings, wherein likereferences refer to like elements.

FIG. 1 illustrates a preferred system in which a first preferred methodof the first aspect of the present invention is practiced.

FIG. 2 illustrates a flowchart of steps performed within a secureenvironment in accordance with the first preferred method of the firstaspect of the present invention.

FIG. 3 illustrates a communication sequence in identifying a SecurityProfile of a device in accordance with the first preferred method of thefirst aspect of the present invention.

FIG. 4 illustrates a flowchart of steps performed by a suspect deviceoriginating a digital signature in an EC in accordance with the firstpreferred method of the first aspect of the present invention.

FIG. 5 illustrates a flowchart of steps performed by a recipient inaccordance with the first preferred method of the first aspect of thepresent invention.

FIG. 6 illustrates a flowchart of steps performed by a Secure Entity inaccordance with the first preferred method of the first aspect of thepresent invention.

FIG. 7 illustrates a flowchart of steps performed within the secureenvironment in accordance with a second preferred method of the firstaspect of the present invention.

FIG. 8 illustrates a communication sequence in identifying a SecurityProfile of a device in accordance with the second preferred method ofthe first aspect of the present invention.

FIG. 9 illustrates a flowchart of steps performed by a suspect deviceoriginating a digital signature in an EC in accordance with the secondpreferred method of the first aspect of the present invention.

FIG. 10 illustrates a flowchart of steps performed by a recipient inaccordance with the second preferred method of the first aspect of thepresent invention.

FIG. 11 illustrates a flowchart of steps performed by a Secure Entity inaccordance with the second preferred method of the first aspect of thepresent invention.

FIG. 12 illustrates a flowchart of steps performed within the secureenvironment in accordance with a third preferred method of the firstaspect of the present invention.

FIG. 13 illustrates a communication sequence in identifying a SecurityProfile of a device in accordance with the third preferred method of thefirst aspect of the present invention.

FIG. 14 illustrates a flowchart of steps performed by a suspect deviceoriginating a digital signature in an EC in accordance with the thirdpreferred method of the first aspect of the present invention.

FIG. 15 illustrates a flowchart of steps performed by a recipient inaccordance with the third preferred method of the first aspect of thepresent invention.

FIG. 16 illustrates a flowchart of steps performed by a Secure Entity inaccordance with the third preferred method of the first aspect of thepresent invention.

FIG. 17 illustrates a system related to the second aspect of the presentinvention in which a third-party provides goods and/or services tocustomers and maintains a customer account database in conjunctiontherewith.

FIG. 18 illustrates a preferred system in which a preferred method ofthe second aspect of the present invention is practiced.

FIG. 19 illustrates database records of an initial PuK-linked accountdatabase in accordance with the preferred method of the second aspect ofthe present invention.

FIG. 20 illustrates a PuK-linked account database of customerscomprising the database records of FIG. 19 after having been updatedand/or merged by the third-party representing an Internet serviceprovider.

FIG. 21 illustrates a PuK-linked account database of customerscomprising the database records of FIG. 19 after having been updatedand/or merged by the third-party representing a financial institution.

FIG. 22 illustrates a preferred system in which a preferred method ofthe third aspect of the present invention is practiced.

FIG. 23 illustrates a preferred system in which a first preferred methodof the fourth aspect of the present invention is practiced.

FIG. 24 illustrates a communication sequence in accordance with thefirst preferred method of the fourth aspect of the present invention.

FIG. 25 illustrates a flowchart of steps performed by a suspect deviceoriginating a digital signature of an EC in accordance with the firstpreferred method of the fourth aspect of the present invention.

FIG. 26 illustrates a flowchart of steps performed by a FinancialInstitution in accordance with the first preferred method of the fourthaspect of the present invention.

FIG. 27 illustrates a flowchart of steps performed by an Insuring Entityin accordance with the first preferred method of the fourth aspect ofthe present invention.

FIG. 28 illustrates a flowchart of steps performed by a Secure Entity inaccordance with the first preferred method of the fourth aspect of thepresent invention.

FIG. 29 illustrates a communication sequence in accordance with a secondpreferred method of the fourth aspect of the present invention.

FIG. 30 illustrates a flowchart of steps performed by a suspect deviceoriginating a digital signature in an EC in accordance with the secondpreferred method of the fourth aspect of the present invention.

FIG. 31 illustrates a flowchart of steps performed by a FinancialInstitution in accordance with the second preferred method of the fourthaspect of the present invention.

FIG. 32 illustrates a flowchart of steps performed by an Insuring Entityin accordance with the second preferred method of the fourth aspect ofthe present invention.

FIG. 33 illustrates a flowchart of steps performed by a Secure Entity inaccordance with the second preferred method of the fourth aspect of thepresent invention.

FIG. 34 illustrates a communication sequence in accordance with a thirdpreferred method of the fourth aspect of the present invention.

FIG. 35 illustrates a flowchart of steps performed by a suspect deviceoriginating a digital signature in an EC in accordance with the thirdpreferred method of the fourth aspect of the present invention.

FIG. 36 illustrates a flowchart of steps performed by a FinancialInstitution in accordance with the second preferred method of the fourthaspect of the present invention.

FIG. 37 illustrates a flowchart of steps performed by an Insuring Entityin accordance with the second preferred method of the fourth aspect ofthe present invention.

FIG. 38 illustrates a flowchart of steps performed by a Secure Entity inaccordance with the second preferred method of the fourth aspect of thepresent invention.

FIG. 39 illustrates a communication sequence in accordance with a fourthpreferred method of the fourth aspect of the present invention.

FIG. 40 illustrates a flowchart of steps performed by a suspect deviceoriginating a digital signature in an EC in accordance with the fourthpreferred method of the fourth aspect of the present invention.

FIG. 41 illustrates a flowchart of steps performed by a FinancialInstitution in accordance with the fourth preferred method of the fourthaspect of the present invention.

FIG. 42 illustrates a flowchart of steps performed by an Insuring Entityin accordance with the fourth preferred method of the fourth aspect ofthe present invention.

FIG. 43 illustrates a flowchart of steps performed by a Secure Entity inaccordance with the fourth preferred method of the fourth aspect of thepresent invention.

FIG. 44 illustrates an established PuK-linked account database ofcustomers of a third-party representing a financial institution inaccordance with a preferred method of a fifth aspect of the presentinvention.

FIG. 45 illustrates a flow chart for considering whether to perform atransaction on an account in accordance with a preferred method of thefifth aspect of the present invention.

FIG. 46 illustrates an account database of a Central Key Authority inaccordance with a sixth aspect of the present invention.

FIG. 47 illustrates a communication sequence in accordance with apreferred method of the sixth aspect of the present invention.

FIG. 48 illustrates a flowchart of steps performed by a user inaccordance with the preferred method of the sixth aspect of the presentinvention of FIG. 47.

FIG. 49 illustrates a flowchart of steps performed by a Central KeyAuthority in accordance with the preferred method of the sixth aspect ofthe present invention of FIG. 47.

FIG. 50 illustrates a flowchart of steps performed by a first AccountAuthority in accordance with the preferred method of the sixth aspect ofthe present invention of FIG. 47.

FIG. 51 illustrates a flowchart of steps performed by a second AccountAuthority in accordance with the preferred method of the sixth aspect ofthe present invention of FIG. 47.

DETAILED DESCRIPTION

As a preliminary matter, it readily will be understood by those personsskilled in the art that, in view of the following detailed descriptionof the devices, systems, and methods of the present invention, thepresent invention is susceptible of broad utility and application. Manyembodiments and adaptations of the present invention other than thoseherein described, as well as many variations, modifications, andequivalent arrangements, will be apparent from or reasonably suggestedby the present invention and the following detailed description thereof,without departing from the substance or scope of the present invention.Furthermore, those of ordinary skill in the art will understand andappreciate that although steps of various processes may be shown anddescribed in some instances as being carried out in a preferred sequenceor temporal order, the steps of such processes are not necessarily to belimited to being carried out in such particular sequence or order.Rather, in many instances the steps of processes described herein may becarried out in various different sequences and orders, while stillfalling within the scope of the present invention. Accordingly, whilethe present invention is described herein in detail in relation topreferred embodiments, it is to be understood that this detaileddescription only is illustrative and exemplary of the present inventionand is made merely for purposes of providing a full and enablingdisclosure of the present invention. The detailed description set forthherein is not intended nor is to be construed to limit the presentinvention or otherwise to exclude any such other embodiments,adaptations, variations, modifications and equivalent arrangements ofthe present invention, the present invention being limited solely by theclaims appended hereto and the equivalents thereof.

A. Overview of the Present Invention

The present invention generally comprises the linking in a reliablemanner of a public key of a device that generates digital signaturesusing public-private key cryptography to other information regarding thedevice within an environment in which the device is manufactured. Thepublic-private key pair preferably is generated within the device duringits manufacture; thereafter, the private key is retained securely withinthe device and never exported, and the public key may be retained withinthe device and exportable upon demand whenever needed.

In accordance with all of the aspects of the present invention, thedevice comprises hardware or firmware and, specifically, comprises acomputer chip, an integrated circuit, a computer-readable medium havingsuitable software therein, or a combination thereof. The device furthermay comprise a physical object such as a hardware token or an embeddedtoken, the token containing such a computer chip, integrated circuitry,or software, or combination thereof. If the device is a hardware token,it preferably takes the form of a ring or other jewelry; a dongle; anelectronic key; a card, such as an IC card, smart card, debit card,credit card, ID badge, security badge, parking card, or transit card; orthe like. If the device is an embedded token, it preferably takes theform of a cell phone; a telephone: a television; a personal digitalassistant (PDA); a watch; a computer; computer hardware; or the like.The device preferably includes a device interface comprising aport-including a wireless communications port, a serial port, a USBport, a parallel port, or an infrared port-or some other physicalinterface for communicating with an external electronic apparatus,whether contact or contactless. The device also may include a trustedplatform module (TPM) comprising hardware and software componentsproviding increased trust in a platform, as set forth and described inthe TCPA Documents cited above.

Some of these devices require use of an I/O support element to enablethe device to receive data representing a message, a Secret, or abiometric characteristic. Some of the devices require an I/O supportelement to receive specific types of data but not others. Some of thedevices require use of an I/O support element to transmit informationincluding digital signatures and messages to recipients. Some of thedevices are self-contained and can generate and transmit messages anddigital signatures without the use external apparatuses; some devices,although self-contained, are capable of interacting with such externalapparatuses, such as an I/O support element, if desired. An I/O supportelement may take the form of any number of different apparatuses,depending upon the particular application in which it is used anddepending upon the type of device with which interacts.

For applications of a device requiring high security, the device—or thedevice in combination with an I/O support element—preferably includesthe following components: a keypad (alphanumeric), interactive display,or other type of user data entry mechanism (collectively referred toherein as “User Interface”) that allows a user to compose or modify amessage; a User Interface for inputting data representing a Secret (itshould be noted that the User Interface for generating or modifying amessage may, but does not have to, be the same as the User Interface forthe entry of the data representing a Secret); a display for showing themessage and/or Secret to the user; a scanner or reader for receiving atleast one type of biometric data for a biometric characteristic of theuser; memory for securely storing the Secret of the authorized user,biometric data of the authorized user, and the private key; a processoror circuitry for verifying input of the Secret of biometric data asbeing that of the authorized user: a processor or circuitry forgenerating or originating digital signatures; and a means for outputtingfrom the device and transmitting information including the message anddigital signature therefor. Preferably, the device also includes memoryfor storing and exporting the public key associated with the particularprivate key, and for storing types of user information such as accountinformation, user ID, and the like. For lower security applications, notall of the above elements are necessary.

The public key linked information in the preferred embodiments of thepresent invention includes the Security Profile of the device. Asdefined above, the Security Profile preferably includes the securityfeatures of the device (including characteristics and authenticationcapabilities), as well as the manufacturing history of the device. It isimportant to know the security features of a device—rather than simply astated security level of the device—as technologies are developed overtime that reduce the effectiveness of such security features and,consequently, result in the decrease of the actual security level of thedevice. Unless upgrades are made, the security features of a device arepermanent while the security level of the device eventually willdecrease over time. By knowing the security features, the appropriatesecurity level of a device may be determined at any given time.Furthermore, by knowing the security characteristics of the device, arecipient is able to gauge a likelihood of whether the private key ofthe device has been compromised, and by knowing the authenticationcapabilities of the device (or lack thereof), a recipient is able togauge a likelihood of whether someone other than the authorized userutilized the device to generate a digital signature. Finally, by knowingthe manufacturing history of a device, the security features of thedevice may be revised as errors, omissions, flaws, security breaches, orpossible improprieties and the like are discovered as having occurredduring the manufacturing of the device.

A. Identifying PuK-Linked Information of Device Generating DigitalSignatures

1. First Preferred Embodiment

In accordance with the first aspect of the present invention, and withreference to FIG. 1, a first preferred embodiment is practiced within afirst preferred system 100 that includes a secure manufacturing facility102, devices manufactured at the facility 102 as represented by device104, the world 106, a recipient 108, and a secure database 110maintained by a Secure Entity 112. The facility 102 and the securedatabase 110 are located within a secure environment 114, whichrepresents any and all locations having a sufficient security rating soas not to compromise the security level of the device 104 manufacturedin the facility 102. As will be apparent, the facility 102 and thesecure database 110 need not be co-located at the same physical locationin order to be within the secure environment 114. Nor must themanufacturer of the device 102 be the Secure Entity 112 that maintainsthe secure database 110, although such possibility is within the scopeof the present invention.

The relevant manufacturing steps that are performed within the secureenvironment 114 are set forth in FIG. 2. With reference to both FIGS. 1and 2, a public-private key pair is generated (Step 202) within thedevice 104 during its manufacture in the facility 102 and before thedevice 104 is released from the secure environment 114. Preferably thepublic-private key pair is created with a random number generatordisposed within the device 104 itself. The private key 116 (PrK) isretained within the device 104, while the corresponding public key (PuK)118 is exported (Step 204) from the device 104 and recorded (Step 206)in the secure database 110 before the device 104 is released from thesecure environment 114. If desired, the public key 118 also may beretained (not shown) within the device 104 for later export upon demandafter release of the device 104 from the secure environment 114. Theprivate key 116 is utilized, for example, in generating a digitalsignature (DS) for a message (M) that is communicated to the recipient108. In addition to the public key 118, a Security Profile 120 of thedevice 104 is compiled and recorded (Step 208) in the secure database110 and indexed to the public key 118, whereby the Security Profile 120is retrievable from the secure database 110 based on knowledge of thepublic key 118. The public key 118 and Security Profile 120 are therebysecurely linked together.

Following population of the secure database 110 with the public key 118and Security Profile 120 of the device 104, the device 104 is releasedfrom the secure environment 114 into the world 106. The secure database110, however, is maintained (Step 210) in the secure environment 114 topreserve the integrity of the data recorded therein. Furthermore,following manufacture the security rating of the secured environment 114is maintained at a level that is at least as comparable to, andpreferably greater than, the security level of each device 104manufactured at the facility 102 for which the public key 118 andSecurity Profile 120 are maintained in the secure database 110.

With reference now to FIGS. 3-6, a digital signature (DS) is originated(Step 402) for a message (M) somewhere in the world 106 with a suspectdevice. The suspect device may be the genuine device 104 manufactured atthe facility 102 of FIG. 1 that is legitimately used, the genuine device104 that is fraudulently used, or a counterfeit device having a replicaof the private key 116 of the genuine device 104. The digital signaturethen is combined (Step 404) with the message to form an EC 122, which issent (Step 406) to the recipient 108 over any conventional secure orinsecure electronic communications network, such as the Internet or aprivate network.

The recipient 108 receives the EC 122 (Step 502) and attempts toauthenticate (Step 504) the message using a suspect device public key124. The suspect device public key 124 is provided to the recipient 108and, preferably, is included within the EC 122 that is received by therecipient 108, whereby the recipient 108 may readily attemptauthentication of the message. Alternatively, the suspect device publickey 124 is identified to the recipient 108 before or after receipt ofthe EC 122 in such a manner that the recipient 108 is able to associatethe suspect device public key 124 with the EC 122.

In any event, if the message successfully authenticates using thesuspect device public key 124, and if the message is the first messageauthenticated using the suspect device public key 124, then therecipient 108 sends (Step 506) the suspect device public key 124 to theSecure Entity 112 that manages the secure database 110 and requests aSecurity Profile associated with that public key 124. Communicationsbetween the recipient 108 and the Secure Entity 112 are by way of anyconventional secure or insecure electronic communications network, suchas the Internet or a private network.

When the Secure Entity 112 receives (Step 604) the suspect device publickey 124 from the recipient 108, the Secure Entity 112 compares (Step606) the suspect device public key 124 against the exported public keysmaintained in the secure database 110 to determine if there is a match.If a match is found, then the Security Profile associated with thematching exported public key is retrieved and, for the purpose ofmaintaining the integrity of the information during transit, digitallysigned (Step 608) by the Secure Entity 112. The Security Profile anddigital signature therefor create a “Security Certificate” (SC) 126 thatthen is forwarded (Step 610) to the recipient 108. Preferably, thepublic key 118 of the manufactured device 104 matching the suspectdevice public key 124 is included in the Security Certificate 126 forconfirmation by the recipient 108 of the public key 118 to which theSecurity Certificate 126 pertains.

Upon receipt (Step 508) of the Security Certificate 126 from the SecureEntity 112, the authenticity of the Security Certificate 126 is checked(Step 510) using a public key 128 (SE PuK) of the Secure Entity 112,which preferably has been communicated (Step 602) to the recipient 108beforehand. Subsequently, upon a successful authentication, the SecurityProfile contained in the authenticated Security Certificate 126 isidentified as the Security Profile 120 of the genuine device 104 towhich belongs the private key 116 used to digitally sign the message ofthe EC 122.

Thereafter, the recipient 108 gauges the risk of whether the use of theprivate key 116 of the genuine device 104 to digitally sign the messageof the EC 122 was fraudulent based on the identified Security Profile.The Security Certificate 126 also is recorded by the recipient 108 in an“in-house” database maintained by the recipient 108, whereby the samesuspect device public key 124 used to authenticate future ECs may bereferenced against this in-house database for identifying theappropriate Security Profile, rather than again sending a request forthe Security Profile to the Secure Entity 112. Accordingly, anotherrequest need not be made unless and until the Security Profile has beenupdated by the Secure Entity 112.

2. Second Preferred Embodiment

Briefly described, in a second preferred embodiment of the first aspectof the present invention a Secure Entity generates a referencecontaining device public keys and corresponding Security Profiles linkedthereto for a plurality of devices manufactured at a securemanufacturing facility and communicates the reference to a recipient.The reference is embodied in print or electronic media and includes alist of Security Profiles of manufactured devices indexed by theirrespective public keys. Furthermore, the reference preferably isdigitally signed by the Secure Entity, whereby the recipient maysecurely rely upon the information contained in the reference whensuccessfully authenticated with a public key of the Secure Entity.Thereafter, the recipient only need compare each suspect device publickey that successfully authenticates a message against the device publickeys included in the reference, rather than actually send each suspectdevice public key to the Secure Entity for a Security Profile. Therecipient thereby is readily able to identify the Security Profile ofthe genuine device to which belongs the private key used to digitallysign the message.

With particular reference to FIG. 7, and in accordance with this secondpreferred embodiment, a public-private key pair is created (Step 702)within each device during its manufacture and before the devices areremoved from a secure environment 714. The respective private key ofeach device is retained securely within the device, and the respectivepublic key is exported from each device (Step 704) and recorded (Step706) in a secure database together with the respective Security Profileof each device. The respective public key may also be retained withineach device and be exportable upon demand. Each Security Profile isindexed with the exported public key (Step 708) of the respectivedevice, whereby the Security Profile of the device is retrievable fromthe secure database based on the public key. Following population of thesecure database with the public key and Security Profile of the device,the Secure Entity creates and preferably digitally signs (Step 710) areference including the Security Profiles and public keys linkedtherewith for the respective devices. As will be appreciated by one ofordinary skill in the art, all of the Steps 702-710 occur within thesecure environment 714.

Following release of the devices from the secure environment 714, andwith reference now to FIGS. 8-11, a digital signature is originated(Step 902) for a message (M) somewhere in the world 806 with a suspectdevice, and the digital signature is combined (Step 904) with themessage to form an EC 822, which is then sent (Step 906) to therecipient 808. The recipient 808 receives the EC 822 (Step 1004) andattempts to authenticate (Step 1006) the message using a suspect devicepublic key sent within the EC 822 or otherwise provided to the recipient808.

Upon successful authentication of the message, the recipient 808compares the suspect device public key against the public keys includedin the reference 830 created by the Secure Entity 812. The reference 830is forwarded (Step 1106) to the recipient 808 and received andauthenticated (Step 1002) by the recipient 808 preferably before thereceipt of the EC 822. Also, in order that the recipient 808 mayauthenticate the reference 830, the public key 828 (SE PuK) of theSecure Entity 812 also preferably is communicated (Step 1102) in asecure manner beforehand. Then, if the suspect device public key matchesa public key in the reference 830, the Security Profile of the genuinedevice to which belongs the private key used to digitally sign themessage is identified. Subsequently, the recipient 808 is able to gauge,based on the identified Security Profile, a risk that the private key ofthe genuine device was fraudulently used to digitally sign the messageof the EC 822.

3. Third Preferred Embodiment

In a third preferred method, a Security Certificate is incorporated intoa manufactured device itself prior to its release from the secureenvironment of its manufacture. In this regard, and with reference toFIG. 12, a pair of keys are created (Step 1202) within the device duringits manufacture and before its release from a secure environment 1214.The private key is securely retained within the device, and the publickey is exported (Step 1204) from the device and may also be retainedwithin the device and be exportable upon demand. The exported public keyis combined with a Security Profile of the device and digitally signed(Step 1206) by the Secure Entity to form the Security Certificate. TheSecurity Certificate then is imported (Step 1208) into the device itselfand is exportable from the device with a digital signature for inclusionin an EC.

Thereafter, with reference to FIGS. 13-16, a suspect device originates(Step 1402) a digital signature for a message (M) somewhere in the world1306. The digital signature and Security Certificate of the device arethen exported from the device and combined (Step 1404) with the messageto form an EC 1322, which then is sent (Step 1406) to the recipient1308. Upon receipt (Step 1504) of the EC 1322 by the recipient 1308, thesuspect device public key identified in the Security Certificate is usedto authenticate (Step 1506) the message, and the Secure Entity's publickey 1328—which preferably is communicated (Step 1602) by the SecureEntity 1312 and received (Step 1502) by the recipient 1308 beforehand—isused to authenticate (Step 1508) the Security Certificate. Uponsuccessful authentication, the Security Profile of a genuine device towhich belongs the private key used to generate the digital signature isthereby identified to the recipient 1308. Based on the identifiedSecurity Profile, the recipient 1308 is able to gauge the risk that theprivate key of the genuine device was fraudulently used to digitallysign the message of the EC 1322. Furthermore, because the public key isbound with the Security Profile in the Security Certificate during themanufacture of the device in the secure environment, the recipient 1308is able to rely upon the Security Certificate corresponding, in fact, tothe genuine device.

Benefits of the third preferred embodiment of the first aspect of thepresent invention include the elimination of the requirement that therecipient 1308 transmit a suspect device public key to the Secure Entity1312, and the elimination of the requirement that the Secure Entity 1312transmit the a Security Profile directly to the recipient 1308. Ofcourse, a disadvantage to this preferred method is that the entiresystem is compromised if the Secure Entity's private key used todigitally sign Security Certificates is compromised.

4. Variations of the Preferred Embodiments

In the first and second preferred embodiments of the first aspect of thepresent invention set forth above, the Security Profile of each deviceis indexed in the secure database to the public key of the device and isretrievable from the secure database based on the public key. In avariation of these two preferred embodiments (not shown), the SecurityProfile and public key of each device is recorded in the secure databaseand are indexed to a unique device identifier, which may comprise, forexample, an account number written into the device during itsmanufacture, a serial number manufactured within the device during itsmanufacture, or the like. The device identifier is exportable from thedevice for inclusion with each digital signature generated by thedevice. Upon receipt of an EC including the digital signature and deviceidentifier, a recipient then obtains the suspect device public key bycross-referencing the device identifier with a known database orreference for public keys and Security Profiles linked therewith. Inthis regard, the recipient forwards the device identifier to a SecureEntity for identifying the suspect device public key and SecurityProfile therefor, or the recipient compares the device identifier in areference published by the Secure Entity that includes public keys andlinked Security Profiles indexed by device identifiers. The methodologyis similar to that described above for the first and second preferredembodiments, the primary difference being that the recipient mustcontact the Secure Entity or check a reference prior to attempting toauthenticate a received message. In the first and second preferredembodiments in which the Security Profile of each device is indexed toits public key, the recipient only need contact the Secure Entity orcheck a reference if the message first authenticates using the suspectdevice public key included with the message.

In a variation of the first, second, and third preferred embodiments ofthis aspect of the present invention, the Secure Entity receives the ECand, itself, identifies the Security Profile of the genuine device towhich belongs the private key used to digitally sign the message.Furthermore, the EC in this case either may be sent directly to theSecure Entity or may be forwarded to the Secure Entity by a recipientfor gauging of the risk that the private key of the genuine device wasfraudulently used to digitally sign the message.

Preferably, the steps set forth above with regard to FIGS. 5-6; FIGS.10-11; and FIGS. 15-16 are computer automated, and the entire sequenceof events of each respective group of figures occurs within a small timeinterval on the order of magnitude of minutes, if not seconds.

In view of the foregoing detailed description of preferred embodimentsof the first aspect of the present invention, it will be apparent tothose having ordinary skill in the art that by: creating the respectivepublic-private key pair of each device within the device itself beforerelease from the secure environment of its manufacture; exporting onlythe public key from the device and retaining the private key within thedevice against the possibility of export; and securely linking theexported public key of the device with other information within thesecure environment of manufacture of the device, each device is therebyrendered unique with respect to all of the other devices. Moreover,because of the secure environment in which the devices are manufacturedand the secure linking of the public key with the other information, theuniqueness of the devices may be relied upon by third-parties—such asfuture Account Authorities even though such third-parties may not havehad any control or involvement in the actual manufacturing of thedevices. The secure binding of the public key with each device withinthe environment of the manufacture of the device provides the requiredtrust for relying upon the uniqueness of the devices, as each device maybe authenticated based upon the private key retained therein, and onlytherein. Accordingly, the present invention further includes thismanufacturing process for devices.

A benefit this manufacturing process is that it provides the ability totransport devices from their place of manufacture to additionalprocessing facilities where the devices are initialized with regard toparticular Account Authorities without high levels of security otherwiseconventionally utilized. For example, armored cars and guards areroutinely used to protect the delivery of credit card and IC cardsupplies to a processing facility for initialization for a particularfinancial institution. Indeed, as a result of the manufacturing processof the present invention, a facility at which additional processingtakes place on behalf of a particular Account Authority now mayauthenticate each device prior to its initialization and independent ofthe transport of the device from the manufacturing facility. Moreover,because of the ability to authenticate a particular device immediatelyfollowing its manufacture and thereafter, the system of using of asingle device for making transactions on multiple accounts maintainedwith different Account Authorities is now enabled with higher levels oftrust not otherwise found in the conventional art.

B. Establishing Initial PuK-Linked Account Database

The second aspect of the present invention includes establishing aninitial PuK-linked account database and is based partially upon thefirst aspect of the present invention. In this regard, the establishmentof a database for a plurality of manufactured devices as describedabove-wherein each device has a unique record including its public keyand other information regarding the device-represents a database thatmay be built upon in creating an initial PuK-linked account database forplurality of customers and/or consumers (generically referred to hereinas “customers”) of a third-party.

Specifically, with reference to FIG. 17, a third-party 1732 providesservices and/or goods 1734 to each of a plurality of customers 1736 and,in connection therewith, maintains a database 1738 of account recordsfor the customers 1736. For example, and without limitation, thethird-party 1732 (herein referred to as an “Account Authority”) may be afinancial institution including a bank, finance company, or insurancecompany, merchant; Internet service provider; telecommunicationprovider; medical provider; government entity; or utility company. Theaccount database 1738 typically is established one account at a time ona per customer basis is each customer 1736 engages the Account Authority1732, and each database record for the customer 1736 typically isindexed within the database 1738 by a unique account number.

In accordance with the second aspect of the present invention, and withreference to FIG. 18, a predetermined number of devices 1804 aremanufactured in a secure environment 1814 in accordance with the firstand second preferred embodiments of the first aspect of the presentinvention. In accordance with the second aspect of the presentinvention, the devices 1804 are earmarked for the Account Authority1732, and database records 1840 in the secure database 1810corresponding to the devices 1804 are communicated in a secure manner1814′ to the Account Authority 1732. The earmarked devices 1804 also aredistributed to the customers 1736 of the Account Authority 1732.

Upon receipt of the PuK-linked database records 18440 by the AccountAuthority 1732, the database records 1840 represent an initialPuK-linked account database for the Account Authority 1732. The databaserecords 1840 preferably include the public keys 1818 of the devices 1804and the Security Profiles 1820 of the devices 1804 as described abovewith respect to the first and second preferred embodiments of the firstaspect of the present invention. Moreover, the database records 1840 arepreferably digitally signed by the Secure Entity 1812 for security intransit from the Secure Entity 1812 to the Account Authority 1732.

An example of the preferred database records 1840 are shown in FIG. 19.As set forth in the background section above, the Security Profileincludes security features of the device—specifications for which areset forth for example in FIPS PUBS 140-1 and 140-2—as well as amanufacturing history of the device as specified, for example, in SmartCard Protection Profile. Moreover, in accordance with the preferredembodiments of the present invention the security features of theSecurity Profile include security characteristics and authenticationcapabilities of the device.

Once received, the Account Authority 1732 updates the PuK-linked accountdatabase records with specific information of the customers 1736 andtheir accounts. However, before such an association is made between aparticular customer's account and a record of the initial PuK-linkedaccount database, the particular customer 1736 preferably isauthenticated to the Account Authority 1732 with respect to thatcustomer's account. Accordingly, entity authentication techniques areused for authenticating the customer 1736 with respect to a record inthe account database. Such authentication techniques may includequestioning the particular customer 1736 about specific-accountassociated information in the record or requiring the particularcustomer 1736 to provide a Secret or other entity information, such asthe maiden name of the mother of the customer (Factor B EntityAuthentication).

Additionally, the Account Authority 1732 preferably verifies that acustomer 1736 has received the correct device 1804. The device 1804received by a customer 1736 is identified by having the customer 1736digitally sign a message with the private key of the device 1804 andtransmit the message and digital signature in a respective EC 1822 thatis sent to the Account Authority 1732 for Factor A EntityAuthentication. The Account Authority 1732 authenticates the messageusing a public key of the device 1804 that preferably is included in theEC 1822. Furthermore, upon a successful authentication of the message,the Account Authority 1732 identifies the record in the initialPuK-linked account database corresponding to the public key successfullyauthenticating the message for association with the account of thecustomer 1736.

If additional security is required, each device may include aninitialization PIN that first must be entered by a customer beforefunctioning. Upon the correct entry of the initialization PIN, eachcustomer preferably then enters a personalization PIN that must beentered, for example, each time the device is used thereafter. Theinitialization PINs preferably are distributed to the customersseparately from the devices. Moreover, the use of an initialization PINand a personalization Pin in each device preferably is included in eachdatabase record as part of the authentication capabilities of therespective device.

A number of alternative techniques for verifying that the customersreceived the correct cards also could be used. For example, eachcustomer could be required to call a particular number from his or herhome and input over the telephone a number printed on each respectivedevice in order to effect association of the device with the customer'saccount.

Once sufficient authentication is completed, the customer-specificinformation may be associated with the PuK-linked account databaserecord in various ways. First, the initial PuK-linked account databaserecord may be merged with a preexisting account database of the customermaintained by the Account Authority, which contains thecustomer-specific information. Second, the initial PuK-linked accountdatabase may be maintained separately from but indexed by an identifierwith a preexisting account database of the customer containing thecustomer-specific information. Third, the Account Authority simply mayobtain the customer-specific information from the customer followingauthentication and update the PuK-linked account database recordaccordingly.

This second aspect of the present invention also is useful inestablishing accounts for new customers of the Account Authority. Inthis regard, devices are distributed in the same manner as set forth inFIG. 18, but to potential customers of the Account Authority rather thanto existing customers. However, in this scenario entity authenticationwith respect to preexisting accounts is not required, as new accountsare established by the potential customers. Nevertheless, Factor AEntity Authentication remains important in associating a customer withone of the particular PuK-linked records.

With respect to the establishment of new accounts, under an “anonymous”framework the manufactured devices are distributed to the customers, andthe goods and/or services are provided to the customers without regardto any customer-specific information, i.e., the goods and/or servicesare provided on a per device basis as identified by the public key ofthe device, and are not necessarily on a per customer basis. Thus, uponsuccessful authentication with a public key of a message digitallysigned by one of the devices, the account identified by the public keyis activated and nothing further is required.

On the other hand, under a “personalized” framework each new customerprovides customer-specific information to the Account Authority, and theAccount Authority updates the initial PuK-linked account database byassociating the customer-specific information with the respectivePuK-linked database record of that customer's device (as identified bythe public key of that device). Again, the Account Authority in thissituation does not need to authenticate the new customer with respect toany existing account.

An example of a new business method of establishing a initial PuK-linkedaccount database in accordance with the second aspect of the presentinvention comprises establishing new customers for an Internet serviceprovider (ISP). First, a number of manufactured devices such as dongles,for instance, are manufactured in accordance with the first aspect ofthe present invention and mailed to a plurality of prospective customersof the ISP. Each dongle is packaged with a CD-ROM including software forsetting up and connecting to the ISP and the Internet from a potentialcustomer's computer. The dongle and CD-ROM also may be distributed as aninsert in a magazine, for example. Upon receipt, the prospectivecustomer installs the software in his or her computer and attaches thedongle to an appropriate port of the computer. Then, when the computerconnects with the ISP, an EC is communicated to the ISP that includes adigital signature generated utilizing a private key retained within thedongle as well as a public key retained within and exported from thedongle. Upon receipt of the EC, the ISP authenticates the message usingthe public key included with the message. Upon authentication, then theISP compares for a match the public key received with the linked publickeys in the initial PuK-linked account database and activates theaccount having the matching public key. The account record may include acredit of 100 hours of free internet surfing, for example, as apromotional introduction to the ISP. In this example, nocustomer-specific information is required and the account is setup underan anonymous framework.

Alternatively, the ISP may require customer-specific information inorder to activate the new account, including billing and credit cardinformation from the customer. Upon receipt thereof, the identifiedrecord in the PuK-linked account database is updated with thiscustomer-specific information and the account is activated. A resultingupdated PuK-linked account database 2040 of the ISP after activation ofseveral accounts might resemble, for instance, that of FIG. 20.

Upon activation of the account, the account preferably is assigned aunique account identifier that is included with each message sent to theISP for identifying the account to which the message relates. A User IDor account number may serve as the account identifier. The public key isrecorded in the PuK-linked account database whereby, upon identifyingthe appropriate account record with the account identifier, thedigitally signed message is authenticated with the associated publickey. Alternatively, the public key itself may serves as the accountidentifier. In either case, access is granted to its network and theInternet by the ISP upon a successful authentication of a digitallysigned message (Factor A Entity Authentication).

Another example of a new business method utilizing the aforementionedestablishment of a initial PuK-linked account database of this secondaspect of the present invention comprises setting up existing customersof a financial institution with IC cards to be used as check cards. Inthis example, a number of IC cards are manufactured in accordance withthe first aspect of the present invention and mailed to a plurality ofexisting customers of the financial institution who have requested theIC cards. Each manufactured IC card includes a respective initializationPIN that must be sent to the financial institution for activation of theIC card for use on the account. The respective initialization PIN ismailed to each customer separately from the corresponding IC card.Furthermore, each IC card includes recorded therein the account numberof the customer to which it is mailed.

The database records of the IC cards recorded in the secure database aretransmitted to the financial institution in a secure manner. Uponreceipt, the database records represent the initial PuK-linked accountdatabase which then are updated and/or merged with the records of thecustomers in a preexisting account database maintained by the financialinstitution, the resulting database being a PuK-linked account database.A resulting PuK-linked account database 2140 might resemble, forinstance, that of FIG. 21.

Upon separate receipt by each customer of the IC card and initializationPIN, the customer first uses the IC card at an ATM machine of thefinancial institution by entering the initialization PIN and thencommunicating to the financial institution an EC including the PIN fromthe customer and account number from the IC Card digitally signed withthe IC card. Upon receipt of the EC, the financial institutionauthenticates the sender of the EC by retrieving the authorized PIN fromthe identified account number in the EC and comparing the authorized PINwith the PIN transmitted in the EC. The financial institution similarlyauthenticates the message with the public key associated with theidentified account number. Upon successful verification of the PIN andsuccessful message authentication, the financial institution activatesthe IC card within the record for use as a check card on the account.Furthermore, after activation of the IC card, messages in ECsrepresenting transactions on the account need only be digitally signedwith the IC card and include the account number of the customer. SuchECs need not include any personal information of the customer, such asthe customer's name, billing address, a PIN, etc.

C. Establishing Multiple Third-party Accounts with PuK-Linked DatabaseRecord

The third aspect of the present invention includes establishing multiplethird-party accounts with a PuK-linked database record and is basedpartially upon the first and second preferred embodiments of the firstaspect of the present invention. In this regard, and with reference toFIG. 22, a device 2204 that generates digital signatures is manufacturedwithin a secure environment 2214. Before the device 2204 is releasedfrom the secure environment 2214, the public key 2218 of the device 2204plus some other information is recorded as a database record 2275 in asecure database 2210; preferably, the other information includes theSecurity Profile 2220 of the device 2204, as described above withrespect to the first aspect of the present invention. The device 2204then is distributed to a customer 2232 and the customer 2232 establishesa respective account with each one of a plurality of desired AccountAuthorities 2242,2244,2246.

In accordance with the third aspect of the present invention, eachPuK-linked account of the customer 2232 is established based upon, atleast in part, a communication of the PuK-linked database record 2248from the secure database 2210 to each of the desired Account Authorities2242,2244,2246. As set forth above, the PuK-linked database record 2248preferably includes the public key 2218 and Security Profile 2220 of thedevice 2204 linked thereto by the Secured Entity 2212. Furthermore, thedatabase record 2248 is communicated in a secure manner 2214′ so as topreserve the integrity of the database record 2248.

When received by a respective Account Authority 2242,2244,2246, thepublic key 2218 linked to the Security Profile 2220 of the databaserecord 2248 represents an initial PuK-linked account database record ofthe customer 2232 with the respective Account Authority and, if thecustomer 2232 is an existing customer of the respective AccountAuthority, then the initial PuK-linked account database record 2248preferably is associated with the existing account database record ofthe customer 2232. However, the association of the PuK-linked accountdatabase record 2248 received from the Secure Entity 2212 with theexisting account database record of the customer 2232 preferably isperformed only after the receipt of the correct device 2204 by thecustomer 2232 has been verified through one or more of theaforementioned authentication techniques with regard to the secondaspect of the present invention.

If the initial PuK-linked account database record represents the onlyaccount database record for the customer 2232 (i.e., if the customer isnew to an Account Authority), then under a personalized framework thecustomer 2232 supplies customer-specific information to the AccountAuthority for recording with the initial PuK-linked account databaserecord of the customer 2232. Under an anonymous framework, nocustomer-specific information need be provided.

Also under the personalized framework, the device 2204 is activated foruse on each account when the customer 2232 sends a message digitallysigned using the device 2204 in a respective EC 2222 to each AccountAuthority 2242,2244,2246, and when the digitally signed message isauthenticated by the respective Account Authority 2242,2244,2246 usingthe public key associated with the respective PuK-linked accountdatabase record 2248.

Under the anonymous framework, each respective account established withan Account Authority 2242,2244,2246 is activated when the customer 2232sends a message digitally signed using the device 2204 in a respectiveEC 2222 to each Account Authority 2242,2244,2246, and when the digitallysigned message is authenticated by the respective Account Authority2242,2244,2246 using the public key associated with the respectivePuK-linked account database record 2248.

D. Insuring Transactions Based on Identified Security Characteristics ofa Device That Generates Digital Signatures

The fourth aspect of the present invention includes the insuring of atransaction represented by an EC that is digitally signed. Furthermore,the insurance preferably is provided on a per transaction basis. Forinstance, a recipient represented for example by a financial institutionthat receives an EC instructing it to make a wire transfer of $250,000out of an account of one of its customers, and that is authenticated,nevertheless may desire to insure that the EC is not fraudulent.

Reliable knowledge of security features of the device to which belongsthe private key used to generate the digital signature of the ECconventionally has been lacking when such a transaction is insured. Anentity insuring the transaction (“Insuring Entity”), which gauges therisk that the EC was fraudulently sent and which calculates the premiumto be charged based on such risk, therefore would be forced to err onthe high side in insuring such transaction.

Now, in view of the first aspect of the present invention, securityfeatures of the device to which belongs the private key used to generatethe digital signature of the EC can be reliably identified. Moreover,the manufacturing history of the device also can be reliably identifiedat the same time. Accordingly, the risk that a particular digitallysigned EC has been fraudulently sent can be gauged with greateraccuracy, and it is believed that the premium charged for such insurancemay be lowered based on this greater knowledge and the consequentreduced risk of the transaction. Additionally, this greater knowledgegives rise to a more targeted premium structure for insuring a pluralityof transactions, wherein different rates are based, at least in part, onthe varying identified security features of devices generating digitalsignatures.

A system in which preferred embodiments of this fourth aspect of thepresent invention are implemented is illustrated in FIG. 23, wherein aplurality of devices 2304 are manufactured at a secure manufacturingfacility 2302 in a secure environment 2314 in accordance with the firstaspect of the present invention. Each of the devices 2304 includes aprivate key retained therein for which a public key 2318 correspondingthereto is linked with a Security Profile 2320 thereof in a securedatabase 2310 maintained by a Secure Entity 2312. After manufacture, thedevices 2304 are released from the secure environment 2314 into theworld 2306, with one of the devices ultimately reaching a customer of aFinancial Institution 2350 and becoming associated with an account ofthe customer maintained at the Financial Institution 2350.

In accordance with a first preferred embodiment of this fourth aspect ofthe present invention, and as illustrated in FIGS. 24-28, a digitalsignature is generated (Step 2502) for a message including a request fora wire transfer of $250,000 from the account of the customer maintainedat the financial institution 2350. The digital signature is combined(Step 2504) with the message for the wire transfer to form an EC 2322that is then sent (Step 2506) from somewhere in the world 2306 to theFinancial Institution 2350. The EC 2322 preferably includes the numberfor the account from which the transfer is to be made.

Upon receipt (Step 2602) of the EC 2322, the Financial Institution 2350authenticates (Step 2604) the message of the EC 2322 using the publickey associated with the account identified in the EC 2322, and thendetermines whether to honor the instruction contained in the EC 2322and, if so, whether to insure the transaction represented by the EC2322. The determination of whether to honor the instruction preferablyis based, at least in part, upon the security features and manufacturinghistory identified in accordance with the first aspect of the presentinvention.

Upon an affirmative determination to insure the transaction representedby the EC 2322, the Financial Institution 2350 forwards (Step 2606) theEC 2322 to the Insuring Entity 2352 together with the public key. Uponreceipt (Step 2702), the Insuring Entity 2352 authenticates (Step 2704)the message of the EC 2322 with the public key to confirm authenticationof the message and, upon successful authentication, the Insuring Entity2352 sends (Step 2706) the public key to the Secure Entity 2312.

Upon receipt (Step 2804) of the public key, the Secure Entity 2312compares (Step 2806) for a match the public key against the linkedpublic keys maintained in the secure database 2310. If a match is found,then the Security Profile linked with the matching public key isretrieved (Step 2808) and, for the purpose of maintaining the integrityof the information during transit, digitally signed (also in Step 2808)by the Secure Entity 2312 to form a Security Certificate 2326. TheSecurity Certificate 2326 then is sent (Step 2810) to the InsuringEntity 2352. Preferably, the matching public key is included in theSecurity Certificate 2326 for confirmation by the Insuring Entity 2352of the public key to which the Security Certificate 2326 pertains. Uponreceipt (Step 2708) of the Security Certificate 2326 by the InsuringEntity 2352, the authenticity of the Security Certificate 2326 isconfirmed (also Step 2708) using a public key 2428 (SE PuK) of theSecure Entity 2321, which preferably is communicated (Step 2802) to theInsuring Entity 2352 beforehand. Subsequently, the Security Profilecontained in the authenticated Security Certificate 2326 is identifiedby the Insuring Entity 2352 as the Security Profile of the manufactureddevice to which belongs the private key used in digitally signing themessage of the EC 2322.

Based on the identified Security Profile, the Insuring Entity 2352 isable to gauge a risk that the private key of the manufactured device wasfraudulently used in digitally signing the message of the EC 2322 and,in turn, the Insuring Entity 2352 is able to classify the transactionthereof for a corresponding premium rate. The corresponding premium ratefor the particular classification of the transaction then is applied tothe monetary value of the transaction for which insurance is sought(i.e., to the $250,000 in the present wire transfer example), and theactual premium to be charged for the particular transaction in questionis calculated. Confirmation 2354 of insurance coverage then is sent(Step 2710) by the Insuring Entity 2352 to the Financial Institution2350. The coverage confirmation 2354 preferably includes the identifiedSecurity Profile, applicable premium rate, and calculated premium to becharged to the Financial Institution 2350 for the particular transactionrepresented by the EC 2322. The coverage confirmation 2354 also ispreferably digitally signed by the Insuring Entity 2352 to preserve theintegrity of the coverage confirmation 2354 during transit. Upon receiptand authentication (Step 2608) of the coverage confirmation 2354, theFinancial Institution 2350 makes (Step 2610) the requested wire transfer2356.

As in the first preferred embodiment, in the second preferred embodimentof the fourth aspect of the present invention, a plurality of devicesare manufactured at a secure manufacturing facility in a secureenvironment. Each of the devices includes a private key retained thereinfor which a public key corresponding thereto is linked with a SecurityProfile thereof in a secure database maintained by a Secure Entity.After manufacture, the devices are released from the secure environmentinto the world, with one of the devices ultimately reaching a customerof a Financial Institution and becoming associated with an account ofthe customer maintained at the Financial Institution.

Unlike the first preferred embodiment, and as illustrated in FIGS.29-33, the second preferred embodiment differs from the first preferredembodiment of the fourth aspect of the present invention in that theSecure Entity 2912 creates and communicates a reference 2930 containingpublic keys and corresponding Security Profiles of manufactured devicesto the Insuring Entity 2952, rather than sending a Security Certificatefor a particular one of the manufactured devices as in the firstpreferred embodiment of FIGS. 24-28. Nor does the Insuring Entity 2952send a public key to the Secure Entity 2912 for identifying a SecurityProfile from a secure database 2910.

With particular regard to the sequence of events, the Secure Entity 2912generates (Step 3304) the reference 2930 containing public keys andlinked security features for all of the devices associated with theaccounts of the Financial Institution 2950, and then forwards (Step3306) the reference 2930 to the Insuring Entity 2952. The informationregarding which devices are associated with the accounts of theFinancial Institution 2950 is known by the Secure Entity 2912 in thesecond and third aspects of the present invention and, alternatively, isidentified to the Secure Entity 2912 by either the Financial Institution2950 or by the insuring Entity 2952. The reference 2930 preferably iscompiled in accordance with the first aspect of the present invention asillustrated in FIGS. 7-11, and preferably is digitally signed by theSecure Entity 2912 to preserve the integrity of the information thereinduring transit and storage. A public key 2928 of the Secure Entity 2912is preferably communicated (Step 3302) in a secure manner to theInsuring Entity 2952 beforehand. Upon receipt thereof (Steps 3202 and3204), the Insuring Entity 2952 authenticates (Step 3206) the reference2930 with the public key 2928 of the Secure Entity 2912.

Thereafter, a digital signature is originated (Step 3002) for andcombined (Step 3004) with a message that includes a wire transferrequest for a particular account number maintained at the FinancialInstitution 2950 to form an EC 2922. The EC 2922 then is sent (Step3006) to the Financial Institution 2950. Upon receipt (Step 3102) of theEC 2922, the Financial Institution 2950 authenticates (Step 3104) themessage of the EC 2922 using the public key associated with the accountidentified in the EC 2922, and then determines whether to honor theinstruction contained in the EC 2922 and, if so, whether to insure thetransaction represented by the EC 2922. The determination of whether tohonor the instruction preferably is based, at least in part, upon thesecurity features and manufacturing history identified in accordancewith the first aspect of the present invention.

Upon an affirmative determination to insure the transaction representedby the EC 2922, the Financial Institution 2950 forwards (Step 3106) theEC 2922 to the Insuring Entity 2952 together with the public key. Uponreceipt (Step 3208) of the EC 2922, the Insuring Entity 2952authenticates (Step 3210) the message of the EC 2922 with the public keyto confirm authentication of the message and, upon successfulauthentication, the Insuring Entity 2952 compares for a match the publickey against the linked public keys in the reference 2930 to identify(Step 3212) a matching public key and the Security Profile linkedtherewith. The Security Profile thereby identified represents theSecurity Profile of the manufactured device to which belongs the privatekey used in digitally signing the message of the EC 2922.

Based on the identified Security Profile, the Insuring Entity 2952 isable to gauge a risk that the private key of the manufactured device wasfraudulently used in digitally signing the message of the EC 2922 and,in turn, the Insuring Entity 2952 is able to classify the transactionthereof for a corresponding premium rate. The corresponding premium ratefor the particular classification of the transaction then is applied tothe monetary value of the transaction for which insurance is sought(i.e., to the $250,000 in the present wire transfer example), and theactual premium to be charged for the particular transaction in questionis calculated. Confirmation 2954 of insurance coverage is then sent(Step 3214) by the Insuring Entity 2952 to the Financial Institution2950. The coverage confirmation 2954 preferably includes the identifiedSecurity Profile, applicable premium rate, and premium to be charged tothe Financial Institution 2950 for the particular transaction of the EC2922. The coverage confirmation 2954 also is preferably digitally signedby the Insuring Entity 2952 to preserve the integrity of the coverageconfirmation 2954 during transit. Upon receipt and authentication (Step3108) of the coverage confirmation 2954, the Financial Institution 2950makes (Step 3110) the requested wire transfer 2956.

In a variation of this second preferred method of the fourth aspect ofthe present invention, as illustrated in FIGS. 34-38, a Secure Entity3412 communicates a reference 3430 to a Financial Institution 3450rather than to an Insuring Entity 3452. The reference 3430 then isforwarded to the Insuring Entity 3452 by the Financial Institution 3450.Otherwise, the steps are the same as those described with reference tothe second method of the fourth aspect of the present inventionillustrated in FIGS. 29-33.

In particular, the Secure Entity 3412 creates (Step 3802) the reference3430 including the public keys and linked security features for all ofthe devices associated with the accounts of the Financial Institution3450, and then sends (Step 3804) the reference 3430 to the FinancialInstitution 3450. Upon receipt (Step 3602), the Financial Institution3450 sends (Step 3604) the reference 3430 to the Insuring Entity 3452and, in turn, the Secure Entity 3412 sends (Step 3806) its public key3428 to the Insuring Entity 3452 in a reliable manner. Upon receipt ofthe reference 3430 (Step 3702) and the public key 3428 of the SecureEntity 3412 (Step 3704), the Insuring Entity 3452 authenticates (Step3706) the reference 3430.

Thereafter, a digital signature is originated (Step 3502) for andcombined (Step 3504) with a message regarding the wire transfer to forman EC 3422. The EC 3422 is then sent (Step 3506) to the FinancialInstitution 3450. Upon receipt (Step 3606) of the EC 3422, the FinancialInstitution 3450 authenticates (Step 3608) the message of the EC 3422using the public key associated with the account identified in the EC3422 from which the transfer is to be made, and then determines whetherto honor the instruction contained in the EC 3422 and, if so, whether toinsure the transaction represented by the EC 3422. The determination ofwhether to honor the instruction preferably is based, at least in part,upon the security features and manufacturing history identified inaccordance with the first aspect of the present invention.

Upon an affirmative determination to insure the transaction representedby the EC 3422, the Financial Institution 3450 forwards (Step 3610) theEC 3422 to the Insuring Entity 3452 together with the public key. Uponreceipt (Step 3708) of the EC 3422, the Insuring Entity 3452authenticates (Step 3710) the message of the EC 3422 with the public keyto confirm authentication of the message and, upon successfulauthentication, the Insuring Entity 3452 compares for a match the publickey against the linked public keys in the reference 3430 to identify(Step 3712) a matching public key and the Security Profile linkedtherewith. The Security Profile thereby identified represents theSecurity Profile of the manufactured device to which belongs the privatekey used in digitally signing the message of the EC 3422.

Based on the identified Security Profile, the Insuring Entity 3452 isable to gauge a risk that the private key of the manufactured device wasfraudulently used in digitally signing the message of the EC 3422 and,in turn, the Insuring Entity 3452 is able to classify the transactionthereof for a corresponding premium rate. The corresponding premium ratefor the classification of the transaction then is applied to themonetary value of the transaction for which insurance is sought (i.e.,to the $250,000 in the present wire transfer example), and the actualpremium to be charged for the particular transaction at question iscalculated. Confirmation 3454 of insurance coverage then is sent (Step3714) by the Insuring Entity 3452 to the Financial Institution 3450. Thecoverage confirmation 3454 preferably includes the identified SecurityProfile, applicable premium rate, and premium to be charged to theFinancial Institution 3450 for the particular transaction of the EC3422. The coverage confirmation 3454 also is preferably digitally signedby the Insuring Entity 3452 to preserve the integrity of the coverageconfirmation 3454 during transit. Upon receipt and authentication (Step3612) of the coverage confirmation 3454, the Financial Institution 3450makes (Step 3614) the requested wire transfer 3456.

In a third preferred method of the fourth aspect of the presentinvention, a Security Certificate is incorporated into the manufactureddevice itself prior to the release of the device from the secureenvironment in accordance with the third preferred embodiment of thefirst aspect of the present invention. Accordingly, as illustrated inFIGS. 39-43, when a suspect device originates (Step 4002) a digitalsignature somewhere in the world 3906, the Security Certificate isincluded (Step 4004) with the digital signature and message in an EC3922, which then is sent (Step 4006) to a Financial Institution 3950.Upon receipt (Step 4102) of the EC 3922 by the Financial Institution3950, the public key identified in the Security Certificate is used toauthenticate (Step 4104) the message. Thereafter, if insurance isdesired for the transaction, the Financial Institution 3950 forwards(Step 4106) the EC 3922 to the Insuring Entity 3952. The determinationof whether to honor the instruction preferably is based, at least inpart, upon the security features and manufacturing history identified inthe Security Certificate in accordance with the first aspect of thepresent invention.

Upon receipt (Step 4204), the Insuring Entity 3952 authenticates (Step4206) the message with the public key set forth in the SecurityCertificate to confirm authentication of the message. The InsuringEntity 3952 also authenticates (Step 4208) the Security Certificate withthe public key 3928 of the Secure Entity 3912, which preferably iscommunicated (Step 4302) by the Secure Entity 3912 and received (Step4202) by the Insuring Entity 3952 beforehand. The Security Profile ofthe manufactured device to which properly belongs the private key usedin generating the digital signature for the message of the EC 3922thereby is identified to the Insuring Entity 3952.

Based on the identified Security Profile, the Insuring Entity 3952 isable to gauge a risk that the private key of the manufactured device wasfraudulently used in digitally signing the message of the EC 3922 and,in turn, the Insuring Entity 3952 is able to classify the transactionthereof for a corresponding premium rate. The corresponding premium ratefor the classification of the transaction then is applied to themonetary value of the transaction for which insurance is sought (i.e.,to the $250,000 in the present wire transfer example), and the actualpremium to be charged for the particular transaction at question iscalculated. Confirmation 3954 of insurance coverage then is sent (Step3714) by the Insuring Entity 3952 to the Financial Institution 3950. Thecoverage confirmation 3954 preferably includes the identified SecurityProfile, applicable premium rate, and premium to be charged to theFinancial Institution 3950 for the particular transaction of the EC3922. The coverage confirmation 3954 also is preferably digitally signedby the Insuring Entity 3952 to preserve the integrity of the coverageconfirmation 3954 during transit. Upon receipt and authentication (Step3612) of the coverage confirmation 3954, the Financial Institution 3950makes (Step 3614) the requested wire transfer 3956.

Under any of the preferred methods of the fourth aspect of the presentinvention, the actual billing of the premium by an insuring entity to aFinancial Institution preferably is performed on a regularly scheduledperiod, such as monthly. Furthermore, the premium rates for eachtransaction classification preferably are determined in accordance witha prearranged insurance contract entered into between the FinancialInstitution and Insuring Entity. In this regard, the greater thesecurity level met by a device at the time of the transaction, the lowerthe premium rate should be. Furthermore, the coverage confirmations ofall insured transactions for a time period received by the FinancialInstitution readily may be utilized by the Financial Institution to keepa running tab on the amount of the premium to be billed by the InsuringEntity for such time period.

Preferably, the steps set forth above with regard to FIGS. 26-28; FIGS.31-33; FIGS. 36-38; and FIGS. 41-43 are computer automated, and theentire sequence of steps for each respective group of figures occurswithin a small time interval on the order of magnitude of at leastminutes, if not seconds.

As opposed to insurance provided on a per transaction basis, insurancealso may be provided on a per device basis, possibly subject to certainlimits. In this case, each EC would not be sent to the Insuring Entityas in the preferred methods in which insurance is provided on a pertransaction basis. Rather, under this scenario insurance preferably isprovided to an Account Authority (such as a financial institution) fortransactions of the Account Authority's customers who send digitallysigned messages. In accordance with the fourth aspect of the presentinvention, each message is digitally signed with a retained private keyof a device manufactured in accordance with the first aspect of thepresent invention, i.e., a manufactured device for which informationpreferably such as the Security Profile reliably is identified. Forexample, a financial institution that maintains a PuK-linked accountdatabase of its customers that is established under either of the secondor third aspects of the present invention, and which includes theidentified Security Profiles in the PuK-linked account database records,may obtain insurance for all devices of its customers in accordance withthe fourth aspect of the present invention. The insurance is providedfor each device at a premium that is based, at least in part, on theidentified Security Profile of the device to which the device's publickey is linked. The ability reliably to know the Security Profile of eachdevice as provided by the first aspect of the present invention permitsdifferentiation in premiums charged as between the devices to reflectthe different levels of risk that may be associated with the devices.

E. Gauging Whether EC on Account is Fraudulent Based on PuK-LinkedInformation of Device Generating Digital Signatures

A fifth aspect of the present invention includes gauging the risk ofwhether a message of an EC representing a transaction on an account anddigitally signed with a device is fraudulent and, based thereon,determining whether to perform the transaction. Gauging of the risk isbased on identified information that was securely linked with a publickey of the device at the time of its manufacture, including the securityfeatures and manufacturing history of the device, and preferablyincorporates the first aspect of the present invention. Gauging of therisk also is based on additional factors, including the transactionalaccount history of digital signatures authenticated using the publickey, the environment in which the digital signature for the EC wasoriginated, and other account or business-specific factors, such aswhether the transaction is even capable of being performed on theaccount.

An example of an account database maintained by an Account Authority fora plurality of user accounts in accordance with the fifth aspect of thepresent invention is illustrated in FIG. 44. This account databasecorresponds with that of FIG. 21 with “Transactional History” and“PuK-to-Account Authentication” information for each account being addedto the account records in conjunction with the Security Profile to form“Risk Management Information.” The security features and manufacturinghistory of the device, as well as the public key linked therewith, areassociated with the account and may be obtained by an Account Authorityas set forth above with respect to the first, second, or third aspectsof the present invention, or through any other process consideredtrustworthy by the Account Authority.

The transactional account history is recorded on the account by theAccount Authority, preferably as digitally signed ECs are received. Inparticular, the Account Authority records the transaction details ofeach EC in a record of the account. The transactional history mayinclude such factors as the geographic locations of use, amounts oftransaction, and frequency of transactions, all of which may be trackedand evaluated by the Account Authority in monitoring for possible fraud.Information such as the number of incorrect entries of data representinga Secret or biometric characteristic used to authenticate a user of thedevice also may be monitored by the Account Authority, which also mayserve to indicate possible fraud.

The PuK-to-Account Authentication is the authentication techniqueemployed when the public key and PuK-linked information were associatedwith the account maintained by the Account Authority. This informationis important in evaluating the risk to be accorded the initialassociation of the public key and PuK-linked information with theaccount.

Also in accordance with the fifth aspect of the present invention, theAccount Authority notes any factors known about the environment in whichthe digital signature for the message was originated. Indeed, theenvironment in which the device is used often is communicated within theEC itself. For example, in financial transactions involving creditcharges, an Account Authority—such as an issuing bank—is able todetermine whether a card was present at a point of sale for atransaction, or whether the charge occurred otherwise, such as over theInternet. The former scenario is believed to involve a risk of fraudthat is substantially less than that of the later scenario. In anotherexample, when an external apparatus such as an I/O support element isused in conjunction with a device to compose a message and originate adigital signature, information regarding the I/O support element ispreferably included in the environmental information communicated in theEC. For instance, an I/O support element also may digitally sign an EC,and information regarding the I/O support element linked to the publickey of the I/O support element preferably is identified in accordancewith the first aspect of the present invention. Indeed, the device mayinclude a card reader comprising hardware and software componentsdesigned in accordance with the technical specifications published byCEN/ISSS as a result of the well-known Financial Transactional IC CardReader Project (known commonly as “FINREAD”).

A preferred embodiment in accordance with this aspect of the presentinvention is illustrated in FIG. 45, wherein an Account Authorityreceives (Step 4502) an EC including a message and a digital signaturetherefor. The digitally signed message includes an instruction thereinrepresenting a transaction on a particular account as identified in theEC by a unique account number. Upon receipt, the Account Authorityretrieves (Step 4504) a public key associated with the particularaccount and then attempts to authenticate (Step 4506) the message of theEC using the public key. If the message does not authenticate in Step4508, then the Account Authority rejects (Step 4510) the message. If themessage authenticates in Step 4508, then the Account Authority furtherprocesses (Step 4512) the message.

Further processing (Step 4512) of the message includes consideration(Step 4514) of numerous factors that are used by the Account Authorityto gauge the risk that the digital signature was fraudulently generatedand, ultimately, to determine whether to perform the transaction on theaccount. The consideration (Step 4514) includes an evaluation (Step4516) of the security features and manufacturing history of the devicelinked with the public key of the device within the environment of themanufacturing of the device and, as applicable: an evaluation (Step4518) of entity authentication provided by the sender of the EC or userof the device; an evaluation (Step 4520) of environmental factorssurrounding the origination of the EC; an evaluation (Step 4522) of thetransactional history of the device on the account; and an evaluation(Step 4524) of other account or business-specific factors. At a morefundamental level, the PuK-to-Account Authentication also may beconsidered in gauging the risk of fraud.

Whether the Account Authority considers some or all of the abovefactors, how much weight the Account Authority applies to any particularfactor, and what order the Account Authority makes these evaluations mayvary; and the Account Authority uses its own business rules and judgmentto determine (Step 4526), based on its own considerations in Step 4514,whether to perform the transaction on the account. If the determinationin Step 4526 is negative, then the Account Authority rejects (Step 4510)the message. If the determination in Step 4526 is positive, then theAccount Authority performs (Step 4528) the transaction on the accountand updates (Step 4530) the account record accordingly. Alternatively,the Account Authority may choose to execute only a limited portion ofthe instruction (not shown) based on its considerations (Step 4514), orthe Account Authority may require additional information from the senderof the EC prior to performing the transaction (not shown).

In a feature of the present invention, a plurality of different devicesare associated with the same user account maintained with the AccountAuthority. In this situation, the risk of a fraudulent transactionpreferably is gauged not on an overall account basis, but rather, on adevice-by-device basis for each account. Specifically, the transactionalhistory of digital signatures on the account preferably is recorded andlater considered on a device-by-device basis.

Of course, the actual rule base or business logic used by each AccountAuthority is subjective and necessarily will vary as between AccountAuthorities. Nevertheless, the reliable identification of the securityfeatures and manufacturing history of a device—when combined withevaluations of the transactional account history of digital signaturesgenerated by the device, environmental factors in which the digitalsignature is originated, and other account or business-specificfactors—provides added security against fraudulent transactions nototherwise realized.

F. Disseminating PuK-Linked Information of Device Generating DigitalSignatures

In accordance with a sixth aspect of the present invention, an entity(herein “Central Key Authority”) maintains certain PuK-linked accountinformation of a user (herein “Registration Information”) fordisseminating to one or more Account Authorities. The RegistrationInformation includes the public key (PuK) of a device of the user thatgenerates digital signatures and one or more of the following types ofinformation: the identity of Account Authorities with which the user hasPuK-linked accounts for the device and respective account identifiersthat identify each PuK-linked account of the user to the respectiveAccount Authority; information linked with the public key of the devicein accordance with the first aspect of the present invention;user-specific information, such as the user's mailing address, creditcard information, age, etc.; and, as desired, the authenticationtechniques that were employed in verifying the user-specific informationmaintained by the Central Key Authority. Furthermore, the Central KeyAuthority preferably indexes the Registration Information of the user toa unique account identifier such that the Registration Information maybe retrieved based on the account identifier. In this regard, but notshown, the public key may serve as the unique account identifier. Anexample of a PuK-linked account database 4640 of a Central Key Authorityis illustrated in FIG. 46.

In accordance with this aspect of the present invention, the Central KeyAuthority disseminates some or all of the Registration Information, asappropriate, to Account Authorities. Registration Information isdisseminated when the user has an account with an Account Authority—ordesires to establish an account with an Account Authority—and desires tosend ECs with messages each containing an instruction that represents atransaction on the account, each such message being digitally signedusing the device. The dissemination of the Registration Informationoccurs, for example, when Registration Information maintained by anAccount Authority has become outdated for a particular account.Furthermore, the dissemination of the Registration Information may be inaccordance with the third aspect of the present invention wherein thePuK-linked account database record is obtained from the Central KeyAuthority if the Central Key Authority is considered to have sufficientsecurity measures and protocols so as to qualify to be a Secure Entity.

The Registration Information maintained by the Central Key Authority isobtained in various ways. For example, the public key and informationlinked therewith preferably is obtained from a Secure Entity inaccordance with the first, second, or third aspects of the presentinvention. The identity of the Account Authorities with which the userhas PuK-linked accounts for the device, and the account identifier thatidentifies the PuK-linked account of the user to each such AccountAuthority, preferably is obtained from the user, and is obtained whenthe user registers with the Central Key Authority; when, at theinstruction of the user, the Central Key Authority establishes anaccount on behalf of the user with an Account Authority; or when thethird-party, at the instruction of the user, acquires RegistrationInformation from the Central Key Authority.

An example of efficiency and convenience that may be provided by theCentral Key Authority in accordance with this sixth aspect of thepresent invention comprises the updating of PuK-linked accounts of auser with a new device of the user in place of the user's old (andpossibly outdated) device as represented by the respective public keysof the devices. With reference to FIGS. 47-51, such an update preferablyis accomplished by a user 4758 by the mere sending (Step 4806) of an EC4722 to a Central Key Authority 4760 with which the user 4758 haspreviously registered with an old device as represented by the oldpublic key (PuK1).

The EC 4722 includes a message (M) having an instruction to associate anew public key (PuK2) included in the message with accounts of the user4758 maintained by certain Account Authorities 4762,4764, whichpreferably are on register with the Central Key Authority 4760. Themessage is digitally signed (Step 4802) using the private key (PrK1),and the digital signature (DS) therefor is included (Step 4804) with themessage in the EC 4722. The EC 4722 also includes the account identifier(CKA#) for the account maintained by the Central Key Authority 4760.

Upon receipt (Step 4902) of the EC 4722, the Central Key Authority 4760authenticates (Step 4904) the message (M) of the EC 4722 using thepublic key (PuK1) associated with the account of the user 4758maintained by the Central Key Authority 4760 as identified by the uniqueaccount identifier (CKA#).

Upon successful authentication, the Central Key Authority 4760 updates(Step 4906) the Registration Information with the new public key (PuK2)and sends (Step 4908) a respective EC 4766,4768 to each of the AccountAuthorities 4762,4764 identified by the user 4758. Each EC 4762,4764includes a respective request of the Account Authorities 4762,4764 toassociate the new public key (PuK2) with the accounts of the user 4758.The Central Key Authority 4760 also preferably obtains the SecurityProfile linked with the new public key (PuK2) in accordance with thefirst aspect of the present invention, and includes the Security Profilewith the new public key (PuK2) in the respective request sent to theAccount Authorities 4762,4764.

The request preferably is digitally signed (Step 4908) using a privatekey of the Central Key Authority 4760 for authentication of the requestand information therein by each Account Authority 4762,4764, and mayinclude the original EC 4722 received by the Central Key Authority 4760from the user 4758. Each respective request also preferably includes theappropriate account identifier for the account that is to be updated byeach Account Authority 4762,4764, which information is part of theRegistration Information maintained by the Central Key Authority 4760.

Upon receipt (Step 5002) of the EC 4766 by Account Authority 4762, therequest (R1) is authenticated (Step 5004) using a public key of theCentral Key Authority 4760, which preferably is obtained by the AccountAuthority 4762 beforehand. The Account Authority 4762 also mayauthenticate the original message (M) in EC 4722, as desired. Uponsuccessful authentication, the Account Authority 4762 updates (Step5006) the account identified by the account identifier (Acc#) in the EC4766 by associating the new public key (PuK2) with the account.

Similarly, upon receipt (Step 5102) of the EC 4768 by Account Authority4764, the request (R2) is authenticated (Step 5104) using the public keyof the Central Key Authority 4760, which preferably is obtained by theAccount Authority 4764 beforehand. The Account Authority 4764 also mayauthenticate the original message (M) in EC 4722, as desired. Uponsuccessful authentication, the Account Authority 4764 updates (Step5106) the account identified by the account identifier (Acc#) in the EC4768 by associating the new public key (PuK2) with the account.

As will be appreciated by those having ordinary skill in the art, whiletwo Account Authorities have been illustrated in the preferred method ofFIGS. 47-51, any number of Account Authorities may be sent a respectiveEC by the Central Key Authority as appropriate and desired. Indeed, themore Account Authorities that are contacted, the more efficient andconvenient the preferred method in accordance with the sixth aspect ofthe present invention.

Accordingly, it readily will be understood by those persons skilled inthe art that, in view of the above detailed description of preferredembodiments, devices, and methods of the present invention, the presentinvention is susceptible of broad utility and application. Many methods,embodiments, and adaptations of the present invention other than thoseherein described, as well as many variations, modifications, andequivalent arrangements, will be apparent from or reasonably suggestedby the present invention and the following detailed description thereof,without departing from the substance or scope of the present invention.Furthermore, those of ordinary skill in the art will understand andappreciate that although steps of various processes may be shown anddescribed in some instances as being carried out in a preferred sequenceor temporal order, the steps of such processes are not necessarily to belimited to being carried out in such particular sequence or order.Rather, in many instances the steps of processes described herein may becarried out in various different sequences and orders, while stillfalling within the scope of the present invention. Accordingly, whilethe present invention is described herein in detail in relation topreferred methods and devices, it is to be understood that this detaileddescription only is illustrative and exemplary of the present inventionand is made merely for purposes of providing a full and enablingdisclosure of the invention. The detailed description set forth hereinis not intended nor is to be construed to limit the present invention orotherwise to exclude any such other embodiments, adaptations,variations, modifications and equivalent arrangements of the presentinvention, the present invention being limited solely by the claimsappended hereto and the equivalents thereof.

For instance, the roles set forth above with respect to the SecureManufacturing Facility, the Secure Entity, the Account Authority, theFinancial Institution, the Insuring Entity, and the Central KeyAuthority, may all be performed by a single entity or affiliatedentities, or any combination thereof, in accordance with the presentinvention. Moreover, any of the aforementioned entities also may be arecipient of an EC.

Additionally, it should be apparent that the devices described abovewith regard to the present invention encompass, for example, devices ofmerchants and other commercial entities that generate digitalsignatures, and are not limited to devices of individual consumers thatgenerate digital signatures. For instance, a device in accordance withthe present invention includes an I/O support element comprising, forexample, an IC card reader used to read IC cards of individual consumersin establishing secure financial transactions if such IC card readeritself generates digital signatures. In this regard, such device mayinclude a trusted platform module.

1. A method in which information of a device that generates digitalsignatures is reliably identified, comprising the steps of, (a) for eachof a plurality of devices manufactured in a secure manufacturingenvironment, (i) creating, within the secure manufacturing environment,a public-private key pair, (ii) linking, within the secure manufacturingenvironment, the public key with other information associated with thedevice, wherein the other information comprises at least one of securityfeatures and manufacturing history of the device and wherein the otherinformation defines a relative security level of the device, and (iii)before release of the device from the secure manufacturing environment,storing the private key within the device for utilization in generatinga digital signature for an electronic message, (b) recording the linkedpublic key and other information in a database and maintaining thedatabase in a secure environment having a security rating at leastcomparable to the security level of the device for which the public keythereof is linked, (c) thereafter, when a public key linked in step(a)(ii) successfully authenticates a digitally signed message outside ofthe secure manufacturing environment, identifying from the database theother information to which the public key was linked in step (a)(ii) aspertaining to the device to which belongs the private key utilized indigitally signing the message without use of a digital certificate. 2.The method of claim 1, wherein the other information is identified by arecipient of the digitally signed message.
 3. The method of claim 1,wherein the other information is identified to a recipient of thedigitally signed message.
 4. The method of claim 1, further comprisinggauging a risk that the private key was fraudulently used to digitallysign the message based at least in part on said identified otherinformation of step (b).
 5. The method of claim 1, wherein, for eachdevice, the other information comprises security characteristics of thedevice.
 6. The method of claim 5, wherein the security characteristicsof a respective manufactured device include an algorithm used by thedevice in originating digital signatures.
 7. The method of claim 1,wherein, for each device, the other information comprises authenticationcapabilities of the device.
 8. The method of claim 7, wherein theauthentication capabilities include whether the device performsauthentication based on a Secret and authentication based on a biometriccharacteristic.
 9. The method of claim 1, wherein, for each device, theother information comprises all of the security features of the device.10. The method of claim 1, wherein the secure environment includesmultiple physical locations.
 11. The method of claim 1, wherein theelectronic message represents a financial transaction.
 12. The method ofclaim 1, wherein the electronic message represents a legal action. 13.The method of claim 1, wherein the electronic message represents arequest for access to information.
 14. The method of claim 1, whereinthe electronic message represents a request for access to a physicallocation.
 15. The method of claim 1, wherein, for each of the pluralityof manufactured devices, the public-private key pair is generated withineach respective device.
 16. The method of claim 15, wherein only thepublic key of each pair is exportable from the respective device. 17.The method of claim 15, wherein the private key is not exportable fromthe respective device.
 18. A method of manufacturing devices thatgenerate digital signatures such that each device may be reliably anduniquely identified without use of a digital certificate, the devicesbeing manufactured within a secure manufacturing environment, comprisingthe steps of, for each respective device: (a) creating, within thesecure manufacturing environment, a public-private key pair, (b) beforerelease of the device from the secure manufacturing environment, storingthe private key within the device for utilization in generating adigital signature for an electronic message, the private key beingstored within the device against the possibility of divulgement thereofby the device, (c) securely linking, within the secure manufacturingenvironment, the public key with other information, wherein the otherinformation comprises at least one of security features andmanufacturing history of the device and wherein the other informationdefines a relative security level of the device, and (d) recording thelinked public key and other information in a database and maintainingthe database in a secure environment having a security rating at leastcomparable to the security level of the device for which the public keythereof is linked.
 19. The method of claim 18, wherein thepublic-private key pair is created within the device based on a randomnumber produced by a random number generator disposed within the device.20. The method of claim 19, wherein the random number generator is ahigh quality random number generator.
 21. The method of claim 19,wherein only the public key is exportable from the device.
 22. Themethod of claim 19, wherein each digital signature generated by eachdevice is a random number.
 23. The method of claim 18, wherein the otherinformation comprises security characteristics of the device.
 24. Themethod of claim 18, further comprising identifying a particularmanufactured device by authenticating a message using one of said linkedpublic keys, a digital signature for the message having been generatedby the particular manufactured device.
 25. A method in which informationof a device that generates digital signatures is reliably identified,comprising the steps of: (a) for each of a plurality of devicesmanufactured in a secure manufacturing environment, before release ofthe device from the secure manufacturing environment: (i) creating apublic-private key pair; (ii) storing the private key within the devicefor utilization in generating digital signatures for electronicmessages; and (iii) linking the public key with other informationassociated with the device, wherein the other information defines arelative security level of the device; (b) for each of the plurality ofdevices manufactured in the secure manufacturing environment: (i)originating a digital signature for a reference, the reference includingthe public key and the other information of the device, the digitalsignature for the reference generated by a private key of a SecureEntity; (ii) publishing the reference and digital signature therefor,and; (iii) maintaining the private key of the Secure Entity in a secureenvironment outside of the device, wherein the secure environment has asecurity rating that is at least comparable to the security level of thedevice to which the reference pertains; and (c) thereafter, when apublic key linked in step (a)(iii) successfully authenticates adigitally signed message, identifying the other information to which thepublic key was linked in step (a)(iii) as pertaining to the device towhich belongs the private key utilized in digitally signing the messagebased on a successful authentication of the reference.
 26. The method ofclaim 25 wherein the other information comprises at least one ofsecurity features and manufacturing history of the device.
 27. Themethod of claim 25 wherein the Secure Entity is the manufacturer of thedevice.
 28. The method of claim 25 wherein the Secure Entity is not themanufacturer of the device.
 29. The method of claim 25, wherein thesecure environment includes multiple physical locations.